www.coolmathgames9.com Open in urlscan Pro
108.160.158.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.coolmathgames9.com/log/100base2.html
Submission: On August 31 via manual (August 31st 2023, 1:57:49 am UTC) from US — Scanned from CH

Summary HTTP 81 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 81 HTTP transactions. The main IP is 108.160.158.68, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is www.coolmathgames9.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 1st 2023. Valid for: 3 months.

This is the only time www.coolmathgames9.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	108.160.158.68 108.160.158.68	63410 (PRIVATESY...) (PRIVATESYSTEMS)
17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4 11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
8	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
81	14

4 108.160.158.68 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.bestvalueshoppingmall.com

www.coolmathgames9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lite14.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	493 KB
11	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	156 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	218 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1104 www.googleadservices.com — Cisco Umbrella Rank: 149	609 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	227 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	4 KB
3	coolmathgames9.com www.coolmathgames9.com	13 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2547	313 B
1	lite14.us www.lite14.us	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	90 KB
81	11

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	www.coolmathgames9.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.googleadservices.com	www.coolmathgames9.com
6	fonts.gstatic.com	fonts.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.coolmathgames9.com	www.coolmathgames9.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.lite14.us	www.coolmathgames9.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.coolmathgames9.com
81	14

This site contains links to these domains. Also see Links.

Domain
www.esteegel.com
www.nigeriannewspapers.pw
www.nigerialocalnews.com

Subject Issuer	Validity	Valid
www.coolmathgames9.com cPanel, Inc. Certification Authority	`2023-07-01` - `2023-09-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
lite14.us cPanel, Inc. Certification Authority	`2023-08-22` - `2023-11-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.coolmathgames9.com/log/100base2.html
Frame ID: 378F23406B8752042CB9F44C7FFF79BA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&adk=1812271804&adf=3025194257&lmt=1693439863&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063432&bpp=2&bdt=234&idt=114&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4172577818013&frm=20&pv=2&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134
Frame ID: A29B51C3D9F7879E5C0A71F4951AA9B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=250&slotname=1209923437&adk=52358010&adf=994145480&pi=t.ma~as.1209923437&w=970&lmt=1693439863&format=970x250&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063436&bpp=1&bdt=238&idt=137&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZXGLRLoaxh&p=https%3A//www.coolmathgames9.com&dtd=141
Frame ID: E9DD16A162921B074BF767FE47F76FEF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=90&slotname=6942414657&adk=2015494023&adf=3438606592&pi=t.ma~as.6942414657&w=728&lmt=1693439863&format=728x90&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=151&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BJAgqUBPGz&p=https%3A//www.coolmathgames9.com&dtd=154
Frame ID: C016E31C9620E3B10471FE15AF74ED90
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=314&slotname=3390144467&adk=3331582385&adf=4275680787&pi=t.ma~as.3390144467&w=600&lmt=1693439863&format=600x314&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=181&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250%2C728x90&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=828&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=zAzVuL6shK&p=https%3A//www.coolmathgames9.com&dtd=184
Frame ID: 0F15D96BEC5805DF6D5694CD8B796BD1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=600&slotname=5713093463&adk=2438949518&adf=2024386618&pi=t.ma~as.5713093463&w=300&lmt=1693439863&format=300x600&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063442&bpp=1&bdt=243&idt=182&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250%2C728x90%2C600x314&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yvqCCAfLRM&p=https%3A//www.coolmathgames9.com&dtd=184
Frame ID: 0EDB55C49A097F1DB888C40B5BA31605
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1C324E3BA7F1AF45B989B7A36C16C164
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: F6A3916ECEFACD299D0DD32BC60F9E53
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: 3F630DD2370718F920FA68837DAEDE64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: 0DDBD504D6632655F3819009904F4A41
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js
Frame ID: 8D50F4BA44517766D8578C6452436D34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AFAF40CB8A10CD761F08EFCA51994D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 801AA5696ABF13F5A587C76B5E9A0BDC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log base 2 of 100 converter | Evaluate Log2 100 Online

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

81
Requests

95 %
HTTPS

85 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

1205 kB
Transfer

3068 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.esteegel.com/zipcode/
Title: Nigeria Postal Code

Search URL Search Domain Scan URL

URL: https://www.nigeriannewspapers.pw/postalcode/
Title: Nigeria zip Code

Search URL Search Domain Scan URL

URL: https://www.nigerialocalnews.com/postalcode/
Title: Naija zip Code

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=CLuZjl_PvZKLhJ8bOgAfMxLi4DdrAithy7t6fxMUR1u73yYsOEAEggdn-IWCVovSBlAegAbmiyPMpyAEBqAMByAPLBKoEhgJP0DtRVXfubyB_i052K6HO6zVyv8hkig-9u6m2rVAHbtwBzStE527iyCa5_L6v1cJUXD0RTWi4ZTIFKMJ5mKTl15yLmyOz1dt89ZOoAvHnmk74Hrk03FOBIX200NuddfKOxpTZk73lwZEVaNM75GMAPsG4SaNEh-XMtuMIutD9OK38hiRDcM-Fdub3hGjFSfi348GAThV__o6zwX6XfOg0_rUFADYWeaZjGcWsu9e9-RWzSt2zojBOqe63XGOOO8D-b3GmLzq_WeOeAKozrA30jQqwOcjnZU1Dz4cueiKdHZT1I8x_tQO6zTMzwSZ66_qK5ZXSwfoxK7iKAlQI1LyWYD4or2WzwASLrprQtQSIBaWDmJNMkgUECAQYAZIFBAgFGASgBgKAB_bWtugEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQr4sB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJzQFodHRwczovL20uaW5zdGFzcmNoLmNvbS9kc2VhcmNoP3V0bV9zb3VyY2U9Z2RuMyZ1dG1fY2FtcGFpZ249MjA2NDU4MTcwOV9fMjA0NDEzMzQxODFfXzIwNDQxMzM0MTgxJnV0bV9jb250ZW50PTM3MjYzNjgyNzg0NDgzNjczN19fX185MDQyMjAwX18xNTE4MzQyMzY2ODNfX2MmcT1vbmxpbmUlMjBib2FyZCUyMG1lZXRpbmclMjBzb2Z0d2FyZSZwaWQ9N181MDA2gAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTk4MTY5NDUyNzA5Mzg5NjkYAA&sigh=ESY23Wf2HJc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWi_AdcHjIVJspfhlz-Gp6nbR_Q-EzBRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22538571140163221844%22,%22debug_reporting%22:true,%22destination%22:%22https://instasrch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228169494083827478657%22}&andc=true

Request Chain 58

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 63

https://googleads.g.doubleclick.net/pagead/adview?ai=C71uzl_PvZOmdJ7WQ1PIP0s6LuAPTvNfXcrjd59mAEGQQASCB2f4hYJWi9IGUB6ABqtaSqQLIAQmpAmUsfi4iU7I-qAMByAPLhICABKoEiQJP0BEB7bGfgZWpeBxQJkweCqvaU-NkZW-hsNQbrdoczUPPov4yD3YOaWa264xu37bJklnbD47Gd_FQsD_oErznbGVULAw2ahRN-YuyIyY5NUq9Xw1fbL38rLrCPaOqDksStxJIlThWG1FLQYXZ7d9H7gbqnjH9uPr-VkMbhWgtGKbvpZd9GsZGBmQHgmTk6vEJI9qmpPHjDyW9nMHWTOvpr4CTXWaMDOlTJ2Zb73kSETnmVGuPsGanqOTOQUxalFRoTwDmO4pTnX9sEEB1BELjVmkaxhQ4wCYF1oirG2vZyQImGJS188ElmhS3JMv9J7ct7ZXjsOCpx_RkhzupFtjQFrzSCcEtHXUBwASs1NTHiwSIBdzmhc8-kgUECAQYAZIFBAgFGASgBi6AB76p7dYBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2pcB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJH2h0dHBzOi8vd3d3LnJldGVhY2guY29tL3ByZWlzZS-ACgHICwHYEwuIFAfQFQGYFgGAFwGyFxwKGggAEhRwdWItOTgxNjk0NTI3MDkzODk2ORgA&sigh=Ed9shLsfCno&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWCHdDc4FAFuCYRlBvJI-n_E_gOvzAxhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227780651743915428365%22,%22debug_reporting%22:true,%22destination%22:%22https://reteach.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22623160106%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217367044433884464017%22}&andc=true

Request Chain 67

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv_tOl_PvZI6oKJiliQaE3aGIA9rAithy7t6fxMURvpL8q5cOEAEggdn-IWCVovSBlAegAbmiyPMpyAEBqAMByAPLBKoEhQJP0IJMHBtvgmk2igopyZ3gyxIm0W6wUaVfzHQ-3-hlHu2hOZrZVArxeM1kDI0_WipP7keVxDrZwRBWKvqboxNPe4VWa2oD3zmuDfQUGtVE6Yyp5oH_l1T3F1aqgWZXkQX8VYmAKxQ7XpCk61EldW5ml2i0nPMfwjhR75W26aP40wgnG_o5Dn_aeDazc5Nd__5o904NF1yRzUq7CbwkPw2MyO0f6haDEHWIGoa_SsSsNKdowOq14bUJUFqPNQNtbwpGfsDKLAG19nFsSXcYPEqDSlr2RNzWIAtPwY4gj9hIxrkiMtygtqUmiwPuMXmFo0S2mNNPnfP-_UahxkVRuJK0p-Yk-SvABIuumtC1BIgFpYOYk0ySBQQIBBgBkgUECAUYBIAH9ta26ASoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDd9wLSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgnOAWh0dHBzOi8vbS5pbnN0YXNyY2guY29tL2RzZWFyY2g_dXRtX3NvdXJjZT1nZG4zJnV0bV9jYW1wYWlnbj0yMDY0NTgxNzA5X18yMDQ0MTMzNDE4MV9fMjA0NDEzMzQxODEmdXRtX2NvbnRlbnQ9MTE2MjAyMzk0ODkyMDIwODIxOF9fX185MDQyMjAwX18xNTE4MzQyMzY2ODNfX2MmcT1vbmxpbmUlMjBib2FyZCUyMG1lZXRpbmclMjBzb2Z0d2FyZSZwaWQ9N181MDA2gAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTk4MTY5NDUyNzA5Mzg5NjkYAA&sigh=Y5PeDNpgZ6I&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWy7Xld7nQgMycsxnhVb09HLJqw5Z6VBgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223758998692059534788%22,%22debug_reporting%22:true,%22destination%22:%22https://instasrch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226512180663586720913%22}&andc=true

Request Chain 69

https://googleads.g.doubleclick.net/pagead/adview?ai=CJfSwl_PvZMWzKLGJ-cAPqfqcwAis34naco_unqeeEpyuoKm3EBABIIHZ_iFglaL0gZQHoAG5osjzKcgBCagDAcgDywSqBIUCT9BEohwLIimxeN7yuiX1rDMZVdC1I914mly7i0Vh7mrMKcRxrwAmOO-0VBtHOAvei_ObGgRDFs0QDFS98bA2MIZ7LZNo5tTB4DYPh-tyEYKWX3ISK7QElcuLO7LtkW5_ulZdIYEA8sb8Imbr5Um1Mu5t4gtsCnXMv-rDN-MiquACJqrfJqlYozGiWNFd24dy2XJK-uLiyloDQWT9YpidZ6IB3-CEjCfZW7R_whIsnhXU6vR_6SjQ6Lp6KfrYw5yk34bQdl6FQouNAgV3FslOWmWtX5ej7_1NxJ6anDBcqw0d4IUEZRKD91fJiq412kJSaPDRjcDJ-fQ0s4eCI1enqYy7cWbZwASz9dvytQSIBcC9oIJMkgUECAQYAZIFBAgFGASgBi6AB7X3mtgEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1rgB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJqAJodHRwczovL3RydWVwYXN0LmNvL2FydGljbGUvMTUyMjY_dXRtX3NvdXJjZT1nZG4zJnV0bV9jYW1wYWlnbj0zNDg5NzAzMjAzX18yMDQwNTgyMTEyMF9fMjA0MDU4MjExMjAmdXRtX2NvbnRlbnQ9MTkzMDIzMjc1MzE1MzM5MDgwODlfX19fOTA0MjIwMF9fMTUxOTA2NjEzOTM5JnV0bV90ZXJtPUtub3dCZTQlMjBkZW1vLEtub3diZTQlMjBTZWN1cml0eSUyMEF3YXJlbmVzcyUyMFRyYWluaW5nLEtub3diZTQlMjBDb21wZXRpdG9ycyxLbm93YmU0JTIwUHJpY2luZyZ0bT10dCZhcD1nYWRzJmFhaWQ9YWRhcFNrUE9xekRxNoAKAcgLAbgT5APYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItOTgxNjk0NTI3MDkzODk2ORgA&sigh=KTFvJFU0hvQ&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW-kYN_zrv5FdYdJi-Fm6F71vMTzTApBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216209260186584124043%22,%22debug_reporting%22:true,%22destination%22:%22https://truepast.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229544436831024927809%22}&andc=true

81 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 100base2.html Show response
www.coolmathgames9.com/log/ 15 KB
4 KB 1867ms
171ms Document
text/html 108.160.158.68
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coolmathgames9.com/log/100base2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.160.158.68 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.bestvalueshoppingmall.com
Software: Apache / PHP/5.6.40
Resource Hash: 2e229e57a08b6e865636b692c4f342e916693c3a934825fd6473430220c670a1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Cache-Control: max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3679
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Aug 2023 01:57:43 GMT
Expires: Sat, 30 Sep 2023 01:57:43 GMT
Keep-Alive: timeout=3, max=100
Pragma: cache
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK style.css
www.coolmathgames9.com/ 22 KB
6 KB 173ms
172ms Stylesheet
text/css 108.160.158.68
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coolmathgames9.com/style.css
Requested by: Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.160.158.68 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.bestvalueshoppingmall.com
Software: Apache /
Resource Hash: 3a97fb063e0709f2bef78386a945ae97ce6cbf30f7b8b1b2fa2394395a634201

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/log/100base2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 01:57:43 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Mar 2018 02:21:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=84600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 5695

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 143ms
51ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c393fc801b5245cafc8fda6bdf63c29d35caffb63cc5b6c9bea3cc9f4d24f03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51016
x-xss-protection: 0
server: cafe
etag: 5581355139268878204
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 89ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9816945270938969

Requested by

Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cfd8f82fc60fcfb58556fe517f8b768eb25286ae8b33bc4899026c989218d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Origin: https://www.coolmathgames9.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51194
x-xss-protection: 0
server: cafe
etag: 13278939431178919493
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
90 KB 99ms
39ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2P03E8J2KN

Requested by

Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f054270ca481673940db35fce24480c956521162b47e66767a9f96162d1c00a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91508
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H/1.1 200
OK cookiejs.js Show response
www.coolmathgames9.com/ 10 KB
4 KB 173ms
173ms Script
application/javascript 108.160.158.68
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.coolmathgames9.com/cookiejs.js
Requested by: Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.160.158.68 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.bestvalueshoppingmall.com
Software: Apache /
Resource Hash: 59a89c4dccbb86c5c3d818b4c0a6746bdae41e10287632aaa91cf15f79f91ae1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/log/100base2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 01:57:43 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Dec 2018 21:14:48 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=84600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 3398

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 384 KB
130 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9816945270938969&plah=www.coolmathgames9.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8e06b9ac9ec749dfca694aa1deab37e572b14e0b5dc2de3567a3612bdbb584c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133274
x-xss-protection: 0
server: cafe
etag: 8712938786225606231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
609 B 78ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.coolmathgames9.com&callback=_gfp_s_&client=ca-pub-9816945270938969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9816945270938969&plah=www.coolmathgames9.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ea1c08ed831f87764a2e41ac6a9a311470bfaeebf5588650ad86046ce658ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A29B 13 KB
5 KB 344ms
295ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&adk=1812271804&adf=3025194257&lmt=1693439863&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063432&bpp=2&bdt=234&idt=114&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4172577818013&frm=20&pv=2&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=134

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a86a060151080397a18501b59a1a215e53fd1bdc9e699e8de95ad8ac1c52ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5087
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:43 GMT
expires: Thu, 31 Aug 2023 01:57:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E9DD 119 KB
39 KB 345ms
306ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=250&slotname=1209923437&adk=52358010&adf=994145480&pi=t.ma~as.1209923437&w=970&lmt=1693439863&format=970x250&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063436&bpp=1&bdt=238&idt=137&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZXGLRLoaxh&p=https%3A//www.coolmathgames9.com&dtd=141

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d955d7192bcfd25ccde06702c063d11020cec09a03210577f9c5b37b697b66db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40043
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:43 GMT
expires: Thu, 31 Aug 2023 01:57:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C016 102 KB
37 KB 374ms
349ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=90&slotname=6942414657&adk=2015494023&adf=3438606592&pi=t.ma~as.6942414657&w=728&lmt=1693439863&format=728x90&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=151&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BJAgqUBPGz&p=https%3A//www.coolmathgames9.com&dtd=154

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ae168f79c3be51946d3427b6b0ea27ca849145170118e2d90b81d9e0752a9c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37995
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:43 GMT
expires: Thu, 31 Aug 2023 01:57:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 90ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2P03E8J2KN&gtm=45je38u0&_p=892869615&cid=1930518769.1693447064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693447063&sct=1&seg=0&dl=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&dt=Log%20base%202%20of%20100%20converter%20%7C%20Evaluate%20Log2%20100%20Online&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2P03E8J2KN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.coolmathgames9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F15 109 KB
38 KB 474ms
474ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=314&slotname=3390144467&adk=3331582385&adf=4275680787&pi=t.ma~as.3390144467&w=600&lmt=1693439863&format=600x314&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=181&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250%2C728x90&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=828&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=zAzVuL6shK&p=https%3A//www.coolmathgames9.com&dtd=184

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38ebd195ad3ef2fdc32d7c4be1a3510e691a35f14312ace1e9cb0a723a454293

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38822
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:44 GMT
expires: Thu, 31 Aug 2023 01:57:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EDB 95 KB
36 KB 228ms
228ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=600&slotname=5713093463&adk=2438949518&adf=2024386618&pi=t.ma~as.5713093463&w=300&lmt=1693439863&format=300x600&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063442&bpp=1&bdt=243&idt=182&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250%2C728x90%2C600x314&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yvqCCAfLRM&p=https%3A//www.coolmathgames9.com&dtd=184

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae96950cb0ecce1504fc6af1f8fce1eabd0404e7309363d220b3ed6c3093aa34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36479
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:43 GMT
expires: Thu, 31 Aug 2023 01:57:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0EDB 2 KB
973 B 99ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=600&slotname=5713093463&adk=2438949518&adf=2024386618&pi=t.ma~as.5713093463&w=300&lmt=1693439863&format=300x600&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063442&bpp=1&bdt=243&idt=182&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250%2C728x90%2C600x314&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1066&ady=432&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=yvqCCAfLRM&p=https%3A//www.coolmathgames9.com&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame 0EDB 23 KB
9 KB 99ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0EDB 3 KB
1 KB 108ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 00:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 00:11:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0EDB 20 KB
8 KB 88ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EDB 181 KB
57 KB 107ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 0EDB 36 KB
15 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H2 200 4798227967303601175
tpc.googlesyndication.com/daca_images/simgad/ Frame 0EDB 22 KB
22 KB 108ms
41ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4798227967303601175?w=360&h=720

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77305ae54a42cad7a718d8d5cb8320295371f10e4f0eeec6ce90ebaf1d80636c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 06:18:39 GMT
x-content-type-options: nosniff
age: 70744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22521
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 20:29:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Sep 2023 06:18:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E9DD 17 KB
2 KB 82ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=250&slotname=1209923437&adk=52358010&adf=994145480&pi=t.ma~as.1209923437&w=970&lmt=1693439863&format=970x250&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063436&bpp=1&bdt=238&idt=137&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ZXGLRLoaxh&p=https%3A//www.coolmathgames9.com&dtd=141

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cb515af86fc698c98ce8aa09db254cd3ecd02770487fde0c0042ab1202277fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 01:57:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Aug 2023 01:57:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame E9DD 2 KB
926 B 50ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame E9DD 23 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame E9DD 3 KB
1 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 00:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 00:11:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame E9DD 20 KB
8 KB 32ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9DD 181 KB
57 KB 79ms
61ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame E9DD 36 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 88 KB
30 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4065736193564334b31734337a3dda8084b9ef9113e00f9bd27e76284c0e2717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31048
x-xss-protection: 0
server: cafe
etag: 4502179921269938724
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:43 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5749035602647001773/ Frame E9DD 17 KB
17 KB 47ms
46ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5749035602647001773/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0be83788ffaab5a9e4b99300e6219dcc920159cac8e574350ba9f73d6c9da8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 10:17:15 GMT
x-content-type-options: nosniff
age: 402028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17258
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 22:04:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 25 Aug 2024 10:17:15 GMT

GET
DATA 200
OK truncated
/ Frame E9DD 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E9DD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64076dc3fae3d629eecb251bb983d563cfcf8dbe73484fbefece834054b4292

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&hl=en&pvc=493524586247545

Requested by

Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C016 17 KB
1 KB 32ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=90&slotname=6942414657&adk=2015494023&adf=3438606592&pi=t.ma~as.6942414657&w=728&lmt=1693439863&format=728x90&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=151&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BJAgqUBPGz&p=https%3A//www.coolmathgames9.com&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cb515af86fc698c98ce8aa09db254cd3ecd02770487fde0c0042ab1202277fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 01:57:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Aug 2023 01:57:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame C016 2 KB
931 B 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame C016 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame C016 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 00:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 00:11:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame C016 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C016 181 KB
57 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:44 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame C016 36 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C32 143 B
228 B 23ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=90&slotname=6942414657&adk=2015494023&adf=3438606592&pi=t.ma~as.6942414657&w=728&lmt=1693439863&format=728x90&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=151&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=350&ady=530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BJAgqUBPGz&p=https%3A//www.coolmathgames9.com&dtd=154
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C016 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E9DD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 938c4b4bc5aaee6158288e9eb57c0ee82ee07b2f6a112a77bfb6dd96f04431d1

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0EDB 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08bdd40efdf9e4f07df8ab3782d5cc335837c1c1edae101282d6d18d271f678e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 0F15 6 KB
779 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9816945270938969&output=html&h=314&slotname=3390144467&adk=3331582385&adf=4275680787&pi=t.ma~as.3390144467&w=600&lmt=1693439863&format=600x314&url=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693447063437&bpp=1&bdt=239&idt=181&shv=r20230829&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x250%2C728x90&nras=1&correlator=4172577818013&frm=20&pv=1&ga_vid=1930518769.1693447064&ga_sid=1693447064&ga_hid=892869615&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=828&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759842%2C44759926%2C42532334%2C44795911&oid=2&pvsid=493524586247545&tmod=1399578026&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoepE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=zAzVuL6shK&p=https%3A//www.coolmathgames9.com&dtd=184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 01:16:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 31 Aug 2023 01:57:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0F15 2 KB
892 B 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/ Frame 0F15 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9067
x-xss-protection: 0
server: cafe
etag: 16184311534176170479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0F15 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 00:11:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 00:11:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/ Frame 0F15 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230829/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 14:19:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Sep 2023 14:19:06 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F15 181 KB
56 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 01:57:44 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 0F15 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 517715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 02:09:09 GMT

GET
DATA 200
OK truncated
/ Frame C016 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4c7bf8efbdc4ad25773e1d6d34df27a71fd8574347b488ec056e879d65bcb8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0EDB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CLuZjl_PvZKLhJ8bOgAfMxLi4DdrAithy7t6fxMUR1u73yYsOEAEggdn-IWCVovSBlAegAbmiyPMpyAEBqAMByAPLBKoEhgJP0DtRVXfubyB_i052K6HO6zVyv8hkig-9u6m2rVAHbtwBzSt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22538571140163221844%22,%22debug_reporting%22:true,%22destination%22:%22https://instasrch.com%22,%22event_report_window%22:%...

0
0

97ms
53ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22538571140163221844%22,%22debug_reporting%22:true,%22destination%22:%22https://instasrch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228169494083827478657%22}&andc=true

Requested by

Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/log/100base2.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"538571140163221844","debug_reporting":true,"destination":"https://instasrch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"8169494083827478657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 31 Aug 2023 01:57:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"538571140163221844","debug_reporting":true,"destination":"https://instasrch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"8169494083827478657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C016 33 KB
34 KB 72ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 74596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 05:14:28 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame C016 30 KB
30 KB 109ms
57ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:58:18 GMT
x-content-type-options: nosniff
age: 413966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:58:18 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8242226707638574722/ Frame 0F15 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8242226707638574722/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75f3b8253c28f998cffb152330eea7c772f5316a8189b205570ad819b392b235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 16:10:34 GMT
x-content-type-options: nosniff
age: 294430
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1641
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 09:58:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 16:10:34 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14876829427450551283/ Frame 0F15 19 KB
19 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14876829427450551283/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65f067c8632212c72fdfe3be7cb782b94c6d1443138c9b2fa16379439cb7eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 20:13:36 GMT
x-content-type-options: nosniff
age: 279848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19225
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 09:58:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Aug 2024 20:13:36 GMT

GET
DATA 200
OK truncated
/ Frame 0F15 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame F6A3 38 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:29:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1C32
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:44 GMT
expires: Thu, 31 Aug 2023 01:57:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:44 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame E9DD 30 KB
30 KB 87ms
66ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 06:58:18 GMT
x-content-type-options: nosniff
age: 413966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:58:18 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E9DD 33 KB
33 KB 64ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 74596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 05:14:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 115ms
54ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 01:57:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0F15 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b597905d038ce209c8efff207b625ed159078c9b47c20e477b668e88e9c49ae4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E9DD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C71uzl_PvZOmdJ7WQ1PIP0s6LuAPTvNfXcrjd59mAEGQQASCB2f4hYJWi9IGUB6ABqtaSqQLIAQmpAmUsfi4iU7I-qAMByAPLhICABKoEiQJP0BEB7bGfgZWpeBxQJkweCqvaU-NkZW-hsNQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227780651743915428365%22,%22debug_reporting%22:true,%22destination%22:%22https://reteach.com%22,%22event_report_window%22:%2...

0
0

56ms
55ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227780651743915428365%22,%22debug_reporting%22:true,%22destination%22:%22https://reteach.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22623160106%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217367044433884464017%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7780651743915428365","debug_reporting":true,"destination":"https://reteach.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["623160106"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"17367044433884464017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 31 Aug 2023 01:57:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7780651743915428365","debug_reporting":true,"destination":"https://reteach.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["623160106"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"17367044433884464017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F15 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 19:52:03 GMT
x-content-type-options: nosniff
age: 21941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 19:52:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F15 15 KB
15 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:21:37 GMT
x-content-type-options: nosniff
age: 128167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 14:21:37 GMT

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F63 38 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:29:49 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C016
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv_tOl_PvZI6oKJiliQaE3aGIA9rAithy7t6fxMURvpL8q5cOEAEggdn-IWCVovSBlAegAbmiyPMpyAEBqAMByAPLBKoEhQJP0IJMHBtvgmk2igopyZ3gyxIm0W6wUaVfzHQ-3-hlHu2hOZr...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223758998692059534788%22,%22debug_reporting%22:true,%22destination%22:%22https://instasrch.com%22,%22event_report_window%22:...

0
0

55ms
55ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223758998692059534788%22,%22debug_reporting%22:true,%22destination%22:%22https://instasrch.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226512180663586720913%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3758998692059534788","debug_reporting":true,"destination":"https://instasrch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"6512180663586720913"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 31 Aug 2023 01:57:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3758998692059534788","debug_reporting":true,"destination":"https://instasrch.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"6512180663586720913"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DDB 38 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:29:49 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0F15
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJfSwl_PvZMWzKLGJ-cAPqfqcwAis34naco_unqeeEpyuoKm3EBABIIHZ_iFglaL0gZQHoAG5osjzKcgBCagDAcgDywSqBIUCT9BEohwLIimxeN7yuiX1rDMZVdC1I914mly7i0Vh7mrMKcR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216209260186584124043%22,%22debug_reporting%22:true,%22destination%22:%22https://truepast.co%22,%22event_report_window%22:%...

0
0

55ms
54ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216209260186584124043%22,%22debug_reporting%22:true,%22destination%22:%22https://truepast.co%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211248210233%22],%224%22:[%2208-31%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229544436831024927809%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16209260186584124043","debug_reporting":true,"destination":"https://truepast.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"9544436831024927809"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 31 Aug 2023 01:57:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 31 Aug 2023 01:57:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16209260186584124043","debug_reporting":true,"destination":"https://truepast.co","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11248210233"],"4":["08-31"],"6":["true"]},"priority":"500","source_event_id":"9544436831024927809"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK light-bottom.css
www.lite14.us/ 3 KB
1 KB 2192ms
168ms Stylesheet
text/css 108.160.158.68
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lite14.us/light-bottom.css
Requested by: Host: www.coolmathgames9.com
URL: https://www.coolmathgames9.com/cookiejs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.160.158.68 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.bestvalueshoppingmall.com
Software: Apache /
Resource Hash: 93cac703fe9f70d2b8cb24d19885a2ebb022443d0fbe661e40fe2a44be5bb34a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 01:57:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Mar 2018 01:31:09 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 922

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 36ms
36ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230829&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa08c060a3d668322c63765e9f227ddfe2968645ed960e4701acd7bfe221558d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11662
x-xss-protection: 0

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D50 38 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:29:49 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
58ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 01:57:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 31 Aug 2023 01:57:44 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 57ms
57ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 01:57:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 31 Aug 2023 01:57:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AFA 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 4933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 00:35:31 GMT
expires: Fri, 30 Aug 2024 00:35:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 801A 829 B
996 B 39ms
38ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b723356232ff8a1ba171b07c222e1ec7a00f0d5fb7482f340367c14736a3f4c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6iX1MwFVT5GRf9YErEq-UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.coolmathgames9.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-6iX1MwFVT5GRf9YErEq-UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 01:57:44 GMT
expires: Thu, 31 Aug 2023 01:57:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AFA 38 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QWzZRjgqb53KCPJmDiPDE6lnZUdFGzmO3KDfy6MXCng.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 14:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 14:29:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 801A 0
0 54ms
54ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230829&jk=493524586247545&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6AFA 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hNZV0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 01:57:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EDB 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfvOCZCKnUAZxQnA3xNU3U4FiAVs_5Invxkb79ORZSwD0t5ot83dXpEOX6zpXUa5f7CXPhxN0h-JomrQUK5XlJudZTJ1N2lYa4QVT9TVQuqjabE7r4nAqJjVqVj_O4BhuVgUeGUD_MQkB8&sai=AMfl-YRyl-SB0w1000OVaP5NqP3UXBSR5TM1bYltt2K2vPEbyhwhE29fEq7AjYgyUTZ2RITI1JYZI2CR6N2M&sig=Cg0ArKJSzIZrv_XQ6J9yEAE&cid=CAQSGwBpAlJWi_AdcHjIVJspfhlz-Gp6nbR_Q-EzBRgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&vu=1&app=0&itpl=22&adk=2438949518&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693447063626&rpt=570&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230829&jk=493524586247545&bg=!hIelh8jNAAYHwnCgJ8I7ADQBe5WfOALLr_VQIumB9NlHluNHaenAqXMcWCRCKSk30424Pisrth-ql1xBu2JGKIALtUq9AgAAAE5SAAAAC2gBBwoAQ8I_VL59KtkB4CHBeoi7_JhDC3PLzcAp2vhud8oLE6fKRRiNpFLdgNrHplEWUgTdLYsouN09pepwdHp8NQ0ubSaagsyZArRYT3FRBVXuG4m0StiP7MgxKX2xpd4ifahKbhgVwDMclG6zDKeMzZ_-CllI4mIAttUz6cgRlkO3HdhAMmqYq8kZZ_SFwtgmwJ-c3UejJ9_eXodXMwq5cIMjYzaACWibMxozufhKJaE0QgzkHbeu9oHuG5hGE0uEMdwOsmGC3OffODmPSGCcuA1wVBgVwFDL1RKjLJXwq6sxhdQWyhhmAiEuT6XALda0JsNXL0LH7F-1NAGHm16itwZmbF0Sk4nrMW-FbFh_UEhZqs0bwFJwBcAI9MJ8hS7ldGIelJcth8jTMezGx5NeDR4zu3B2wIstCYdHvFKhbFClv0nEWRUVVZeZ_aNwpAdIs0zOp5ozIgSAE78gP73Ss5iXVNysyWIzdzbk2ADcVFN4hZzk-NYwrSEO1RVv9uFsFwh53UhKzgS4c_2fjdSPrywCm_EzG8pv4tfv69MIDotXQl7kDgDP1dpqatssvC0lzhm_EfX7BNvZq49tp2ATX2jtyWnGkAnoqWM-y3nDVmUf8rpmfxTEFjNNHe-ZKz2O1PeH8phzvU-oyIc3SVxJWgRf20iof1K8Xssaqx_cgAY7oTjdvUwf-PZtqmRA4yjSDUdnssLMk2Or8oA1LUiBZ_e1G19gwCcCCcayNcyrXI5I4t9Jih-c4RVtz72qu-_w9aJbdoTLenLUrxt4SdVgol9mc3PaHswXucwuKL2Xu7atPeUJLHk-Byn-EUMyDo4ZuUlRCvRK4Ndp8uKe2fz1RBc4pp-l5E_6IFio03uG4TM7AlZ9zkx_MsT2YAmceuHdAQyQl4DyciMuB9DXLxh5xAjNWv8Iqd2Cii48r1RAB8Yib9xRN3_IPtffB9DJqB7ejSlby3-eT1h6TO1kxrZvucnoOCtaLR57knH6yZ37IaKa0hs4ADUkCJOVBB4pog
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.coolmathgames9.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E9DD 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvx-Wssym1dP7tU4Ol2ESP6n9EfF2WgUIoYHdHysJYiwHCtHgXuMOXvwlfTH8RudC9s5Mk428nguKIGHoPDvjwYjl0fZqM4Zw3DoEyU6byrXxfiD1hVXJHYmclNSzV-k83yRrzTOt0R7-rA&sai=AMfl-YS6CI6IiNJZy2moBPqfZQzMUEe9nWczdQk1qqrOpfD3JwEXXUpBxM1Ka_M6XNxr0Ywg6LwtPJ4tQXo-&sig=Cg0ArKJSzN_rtFbDUw-vEAE&cid=CAQSGwBpAlJWCHdDc4FAFuCYRlBvJI-n_E_gOvzAxhgB&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=52358010&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693447063579&rpt=809&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C016 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyKa7cmPhBYJlU6Hnu3P02ojPgYa2LYw1cr5u9Fx15TICTBiV51yNvbSzna8p2BM2hXMMH2r1G39BrD-oD9xCmkgJY4OsbxvEVNPUAZSys8J1zjyDbywzOFcYVjhNFs_GAEkH4qjiWABDE&sai=AMfl-YQcTabSeLijZC6YDrEZ3y0e7UXALxF6QQjhuGWujgHmSC-6G2C4lKzyE7AsG2Vx-B8wdq5zacN7f5gv&sig=Cg0ArKJSzAa2x4iyUQcVEAE&cid=CAQSGwBpAlJWy7Xld7nQgMycsxnhVb09HLJqw5Z6VBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2015494023&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693447063592&rpt=838&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F15 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcyo1y_zn-zMgRPRlEt_jXnw6ZwVfaEHPy9JNjvTH28q7Zslwgz2qs3h8dGQRXDQnA1ae1OfZ105cfzUw2fx0FMGyt7Mm9WMcuLiYXcGsy0Br0OaTLYst4qtTxdLyH_j9mN06Q_f8K6S9h&sai=AMfl-YSO6OCoHO2zdW4ON2EaFoJshSI_f1vt-jnJkdlg_2wdP3jnGvosHjh9gFJaSgKzLYe_UylKJ-VA4UVc&sig=Cg0ArKJSzLJUngtdjrIIEAE&cid=CAQSGwBpAlJW-kYN_zrv5FdYdJi-Fm6F71vMTzTApBgB&id=lidar2&mcvt=1000&p=0,0,314,600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3331582385&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693447063622&rpt=828&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 36ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2P03E8J2KN&gtm=45je38u0&_p=892869615&cid=1930518769.1693447064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1693447063&sct=1&seg=0&dl=https%3A%2F%2Fwww.coolmathgames9.com%2Flog%2F100base2.html&dt=Log%20base%202%20of%20100%20converter%20%7C%20Evaluate%20Log2%20100%20Online&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2P03E8J2KN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.coolmathgames9.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 01:57:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.coolmathgames9.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.coolmathgames9.com/	1970-01-21 00:00:07	Name: _ga Value: GA1.1.1930518769.1693447064
.coolmathgames9.com/	1970-01-20 23:45:43	Name: __gads Value: ID=2810f8c13fb80399-22faeab662de00c6:T=1693447063:RT=1693447063:S=ALNI_Marp_ZO5IWr8AvBkvMMaBQhmHTSfA
.coolmathgames9.com/	1970-01-20 23:45:43	Name: __gpi Value: UID=00000c6b99caba39:T=1693447063:RT=1693447063:S=ALNI_MZ_FYAwMAZA-C2vn43DJyKhHpySjA
.doubleclick.net/	1970-01-20 23:45:43	Name: IDE Value: AHWqTUkFLnuyWN_IAvncUUpTXJq7X_IQacH9_E-mWOZUZfd276O-GMDcCDTkbTLcDKQ
.doubleclick.net/	1970-01-20 14:24:10	Name: DSID Value: NO_DATA
.coolmathgames9.com/	1970-01-21 00:00:07	Name: _ga_2P03E8J2KN Value: GS1.1.1693447063.1.0.1693447064.0.0.0
.googleadservices.com/	1970-01-20 16:33:43	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.coolmathgames9.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lite14.us
108.160.158.68
2001:4860:4802:34::36
216.58.206.34
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
08bdd40efdf9e4f07df8ab3782d5cc335837c1c1edae101282d6d18d271f678e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2cb515af86fc698c98ce8aa09db254cd3ecd02770487fde0c0042ab1202277fe
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e229e57a08b6e865636b692c4f342e916693c3a934825fd6473430220c670a1
2ea1c08ed831f87764a2e41ac6a9a311470bfaeebf5588650ad86046ce658ca0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38ebd195ad3ef2fdc32d7c4be1a3510e691a35f14312ace1e9cb0a723a454293
3a97fb063e0709f2bef78386a945ae97ce6cbf30f7b8b1b2fa2394395a634201
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4065736193564334b31734337a3dda8084b9ef9113e00f9bd27e76284c0e2717
416cd946382a6f9dca08f2660e23c313a9676547451b398edca0dfcba3170a78
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59a89c4dccbb86c5c3d818b4c0a6746bdae41e10287632aaa91cf15f79f91ae1
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
75f3b8253c28f998cffb152330eea7c772f5316a8189b205570ad819b392b235
77305ae54a42cad7a718d8d5cb8320295371f10e4f0eeec6ce90ebaf1d80636c
7ae168f79c3be51946d3427b6b0ea27ca849145170118e2d90b81d9e0752a9c8
938c4b4bc5aaee6158288e9eb57c0ee82ee07b2f6a112a77bfb6dd96f04431d1
93cac703fe9f70d2b8cb24d19885a2ebb022443d0fbe661e40fe2a44be5bb34a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9cfd8f82fc60fcfb58556fe517f8b768eb25286ae8b33bc4899026c989218d14
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
ae96950cb0ecce1504fc6af1f8fce1eabd0404e7309363d220b3ed6c3093aa34
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b0be83788ffaab5a9e4b99300e6219dcc920159cac8e574350ba9f73d6c9da8c
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b597905d038ce209c8efff207b625ed159078c9b47c20e477b668e88e9c49ae4
b723356232ff8a1ba171b07c222e1ec7a00f0d5fb7482f340367c14736a3f4c7
c393fc801b5245cafc8fda6bdf63c29d35caffb63cc5b6c9bea3cc9f4d24f03a
c65f067c8632212c72fdfe3be7cb782b94c6d1443138c9b2fa16379439cb7eb8
cb4c7bf8efbdc4ad25773e1d6d34df27a71fd8574347b488ec056e879d65bcb8
d7a86a060151080397a18501b59a1a215e53fd1bdc9e699e8de95ad8ac1c52ba
d955d7192bcfd25ccde06702c063d11020cec09a03210577f9c5b37b697b66db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e06b9ac9ec749dfca694aa1deab37e572b14e0b5dc2de3567a3612bdbb584c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054270ca481673940db35fce24480c956521162b47e66767a9f96162d1c00a2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f64076dc3fae3d629eecb251bb983d563cfcf8dbe73484fbefece834054b4292
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa08c060a3d668322c63765e9f227ddfe2968645ed960e4701acd7bfe221558d

www.coolmathgames9.com Open in urlscan Pro 108.160.158.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

95 %HTTPS

85 %IPv6

11 Domains

14 Subdomains

14 IPs

2 Countries

1205 kBTransfer

3068 kBSize

7 Cookies

3 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.coolmathgames9.com Open in urlscan Pro
108.160.158.68 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

95 %
HTTPS

85 %
IPv6

11
Domains

14
Subdomains

14
IPs

2
Countries

1205 kB
Transfer

3068 kB
Size

7
Cookies

81 HTTP transactions
8 data transactions