site13.policyplayer.com Open in urlscan Pro
104.21.87.142  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response site13.policyplayer.com/	23 KB 7 KB	602ms 536ms	Document text/html	104.21.87.142 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.87.142 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash da8d6caeabc4110a5116a4375cd410328f9f178dfa376ca2b019082d1f901629 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f0ff24a8e3139c3-YYZ content-encoding zstd content-type text/html date Thu, 12 Dec 2024 18:58:33 GMT last-modified Thu, 12 Dec 2024 13:11:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGndDgtSpjxrPMkcaqbFSlfgsNNJS8rxzgSWh3ufwSkw0bC8G2sdkcz1N86LrEQUA%2FfN3mRdwAOBgIQ95OLsxf%2FFY3t24020KXxFdyVZVqEhLSgN4fzckhRW3rtfBisnXAWNNcsxhGXdrQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=21529&min_rtt=19291&rtt_var=6317&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4492&delivery_rate=499&cwnd=12000&unsent_bytes=0&cid=d61d6a5ee578b4f7&ts=547&x=1" cfExtPri cfHdrFlush;dur=0 vary Accept-Encoding
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	104 KB 33 KB	176ms 63ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash a42b7e9892a0242d35f24ec5f675759b991cf1d8827e4fbec67b1d084317ff2d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding br etag 604 / 20069 / m202412090101 / config-hash: 5483269404502077320 x-content-type-options nosniff expires Thu, 12 Dec 2024 18:58:33 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 18:58:33 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33564 x-xss-protection 0 server cafe
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/8.4.3/	21 KB 7 KB	188ms 69ms	Script text/javascript	142.250.80.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.3/firebase-app.js Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f3.1e100.net Software sffe / Resource Hash 1d3cc3c58d05b610ac35646da2ff63e24204e239c6b9021c0b3106295feddb26 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding gzip age 536927 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 13:49:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 13:49:46 GMT last-modified Thu, 29 Apr 2021 21:06:52 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 6763 x-xss-protection 0 server sffe
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/8.4.3/	40 KB 11 KB	152ms 34ms	Script text/javascript	142.250.80.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.3/firebase-messaging.js Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f3.1e100.net Software sffe / Resource Hash a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding gzip age 96642 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Thu, 11 Dec 2025 16:07:51 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 11 Dec 2024 16:07:51 GMT last-modified Thu, 29 Apr 2021 21:06:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 10908 x-xss-protection 0 server sffe
GET H2	200	firebase-analytics.js Show response www.gstatic.com/firebasejs/8.4.3/	35 KB 11 KB	186ms 68ms	Script text/javascript	142.250.80.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/8.4.3/firebase-analytics.js Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f3.1e100.net Software sffe / Resource Hash e7c0459e0f05e41ff894a1973b2d203434282aff8daf4605c3021d1cd61eaf12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding gzip age 596007 report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 21:25:06 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 21:25:06 GMT last-modified Thu, 29 Apr 2021 21:06:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin-allow-popups; report-to="firebase-js" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js accept-ranges bytes access-control-allow-origin * content-length 10774 x-xss-protection 0 server sffe
GET H2	200	service-worker.js Show response kids.policyplayer.com/	10 KB 3 KB	1272ms 34ms	Script application/x-javascript	172.67.169.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kids.policyplayer.com/service-worker.js Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.169.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2aa7547c5697d104493a37442139fac24532f27c73c421f1a846ac4cff878e8 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding zstd cf-cache-status HIT etag W/"27b0-671b465d-27865e2acd32859c;br" age 455924 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uBHvuvFPQ4iDCqAnZpy9YmAmfKAQedzy%2FyOaH6Xn%2FUmn5IeD51O6H5dlrlam7zv%2BYQkd0WwKc9uBpcygE%2BBpOgXfITf8U%2BPjDuuQZl6V%2F24YjWvzmokowbqEUppjM%2FHUpDRCMFhJ54%3D"}],"group":"cf-nel","max_age":604800} expires Sat, 14 Dec 2024 12:19:50 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18439&min_rtt=18194&rtt_var=3267&sent=11&recv=13&lost=0&retrans=0&sent_bytes=5661&recv_bytes=2297&delivery_rate=212509&cwnd=242&unsent_bytes=0&cid=017ac9c82e83dfc7&ts=179&x=0" date Thu, 12 Dec 2024 18:58:34 GMT content-type application/x-javascript last-modified Fri, 25 Oct 2024 07:18:53 GMT vary Accept-Encoding platform hostinger content-security-policy upgrade-insecure-requests cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f0ff255fe8836b2-YYZ x-turbo-charged-by LiteSpeed server cloudflare panel hpanel
GET H2	200	firebase-messaging-sw.js Show response kids.policyplayer.com/	3 KB 2 KB	1267ms 31ms	Script application/x-javascript	172.67.169.226 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kids.policyplayer.com/firebase-messaging-sw.js Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.169.226 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45d9ad47ca2df62b0b14d9b11554ff933eac67dbff8234077de132283d80cf9c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding zstd cf-cache-status HIT etag W/"a09-671b465d-d0ef8874ce352e22;br" age 314931 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8DM1QCJtZ%2FtMUe1YUy6UJy1xW0AzkKIimGSMgpZvr18%2FR21QZ3m%2Fm1ryge3GgKH6KRBW2%2BCVB7s4ds0CDzmP%2FlxKeaUBXuOhV9MV8GYTpv7IRrUHNi72Txg87iO5yXCiI8Y7UdZDkM%3D"}],"group":"cf-nel","max_age":604800} expires Mon, 16 Dec 2024 03:29:43 GMT alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=18439&min_rtt=18194&rtt_var=3267&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4034&recv_bytes=2297&delivery_rate=212509&cwnd=242&unsent_bytes=0&cid=017ac9c82e83dfc7&ts=175&x=0" date Thu, 12 Dec 2024 18:58:34 GMT content-type application/x-javascript last-modified Fri, 25 Oct 2024 07:18:53 GMT vary Accept-Encoding platform hostinger content-security-policy upgrade-insecure-requests cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f0ff255fe8936b2-YYZ x-turbo-charged-by LiteSpeed server cloudflare panel hpanel
GET H3	200	f.txt Show response site13.policyplayer.com/securepubads.g.doubleclick.net/tag/js/	107 KB 37 KB	289ms 288ms	Script text/plain	104.21.87.142 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site13.policyplayer.com/securepubads.g.doubleclick.net/tag/js/f.txt Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.87.142 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 935bef0fde9c5cfc36cf95bfbd2b4eb29c7262b6c264eb7abfc2cd6101fea55f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status DYNAMIC etag W/"1ab35-672f5c02-3fc01e;br" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T1f5984DHWNxBcJV8fsjecnctmIkSC0hsNFR3sOm7W7SpfirZHC7YMAhao5%2BNK2RDm3X9wyQMx71R%2BSaZHv930l1nl%2BJ3kbTFEAx637DAqjSSByzjbZYjST8R%2FsHOYjcMdBFnhfOT7VxPw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f0ff2563b0d39c3-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23041&min_rtt=19291&rtt_var=5772&sent=23&recv=18&lost=2&retrans=2&sent_bytes=14399&recv_bytes=5404&delivery_rate=91428&cwnd=8400&unsent_bytes=0&cid=d61d6a5ee578b4f7&ts=2164&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 18:58:34 GMT content-type text/plain last-modified Sat, 09 Nov 2024 12:56:34 GMT vary Accept-Encoding priority u=3,i=?0
GET H3	200	auth.php Show response www.freevisitorcounters.com/	2 KB 2 KB	328ms 257ms	Script application/javascript	104.21.89.181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.freevisitorcounters.com/auth.php?id=639caba1c9c40ae80a0ccd50617b2af7d03dc5c0 Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.89.181 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b263d02ebf80e988c2ef1d4b4b53e07e9ee202f1dccf67611f13ad07e1260391 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tc95Apa6Li7KyY%2FBXBbGDnatIsj7sTaNnE6DlsWdOXwcJj%2F38YC71qB%2B4F7yfMwbRgZ7VZEdK%2Fox2tacbFRhsX5YdbeljyWx%2Bd93srZPGTjoIEC4wZWOYgOfRJeMuPvtA1bn7SjG9a4zeWdhrRw%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f0ff24eb98caad0-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=27727&min_rtt=19950&rtt_var=11028&sent=12&recv=11&lost=0&retrans=0&sent_bytes=5120&recv_bytes=4746&delivery_rate=413&cwnd=12000&unsent_bytes=0&cid=03f486b9452e63cf&ts=286&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 18:58:33 GMT content-type application/javascript vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H3	200	0 Show response www.freevisitorcounters.com/en/home/counter/1276623/t/	222 B 948 B	323ms 252ms	Script application/javascript	104.21.89.181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.freevisitorcounters.com/en/home/counter/1276623/t/0 Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.89.181 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b603ea10cbe1ac5d6734af32def236a8be7b14d72b222b5c331409dc3f0940d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2FVA18XbY9tC8Lgtra4cqEyz%2FVW%2FSVqmA7k3J1TN7%2B%2FmpkPVOyrH8sDXBEeSC0osKdzV4sNGSZrnxL0yhHCdW0ZsRwpIAE28%2FukrFGk1svE3lz1Zwj9VEv61RzHIRMZYIcoijKjSyWkSgCYPDhI%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f0ff24eb990aad0-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=27727&min_rtt=19950&rtt_var=11028&sent=11&recv=11&lost=0&retrans=0&sent_bytes=4149&recv_bytes=4746&delivery_rate=413&cwnd=12000&unsent_bytes=0&cid=03f486b9452e63cf&ts=276&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 18:58:33 GMT content-type application/javascript vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/	492 KB 153 KB	131ms 131ms	Script text/javascript	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding br etag 5395541545685299795 age 5462 x-content-type-options nosniff expires Fri, 12 Dec 2025 17:27:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 17:27:32 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 156760 x-xss-protection 0 server cafe
POST		checknotificationcode push.policyplayer.com/api/User/	0 0
OPTIONS		checknotificationcode push.policyplayer.com/api/User/ Frame	0 0
GET H3	200	0 www.freevisitorcounters.com/en/counter/render/1276623/t/	3 KB 4 KB	151ms 150ms	Image image/png	104.21.89.181 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.freevisitorcounters.com/en/counter/render/1276623/t/0 Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.89.181 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4371cbfcc558305b5b7707dd7f1e89b7fef1d70dd977cdeb10df08d2e9f39fe9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbiiCu3rAlfVR2azjfYM55rOSWVGdoLBtkwaaloEGhJ51vW2mAIf5RfrSbs%2FihRbPmOW6KtQikQ%2FjOmiM75nZqNLUMDlrJzy7GghcavHympTVnShSyGE0LM16IVU6idBkpi4Osw9%2Bn75%2BOb7qLs%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f0ff2564a70aad0-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=31743&min_rtt=19950&rtt_var=14137&sent=15&recv=14&lost=0&retrans=0&sent_bytes=6755&recv_bytes=5192&delivery_rate=87909&cwnd=12000&unsent_bytes=0&cid=03f486b9452e63cf&ts=1387&x=1", cfExtPri, cfHdrFlush;dur=0 content-length 3325 date Thu, 12 Dec 2024 18:58:34 GMT content-type image/png server cloudflare priority u=3,i
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/	63 KB 22 KB	42ms 40ms	Other text/plain	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt Requested by Host: site13.policyplayer.com URL: https://site13.policyplayer.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 4443559573512225521 age 43196 x-content-type-options nosniff expires Fri, 13 Dec 2024 06:58:38 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 06:58:38 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=86400, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 22952 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202412050101"
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame 5A3B	0 0	105ms 32ms	Document text/html	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://site13.policyplayer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 2435 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 29117 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 18:18:00 GMT expires Thu, 12 Dec 2024 19:08:00 GMT last-modified Mon, 09 Dec 2024 20:44:42 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	2 KB 478 B	202ms 202ms	Fetch text/plain	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=694688379552361&correlator=1814954074224367&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=21952429235%3A22463289378%2CBe_policyplayer_336x280%2Cbe_policyplayer_rewarded_ad&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=336x280%2C1x1&ifi=1&sfv=1-0-40&ists=1&fas=0%2C11&rbvs=1&sc=1&cookie_enabled=1&abxe=1&dt=1734029914966&lmt=1734009100&adxs=632%2C-9&adys=98%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsite13.policyplayer.com%2F&vis=1&psz=1584x280%7C0x-1&msz=1584x280%7C0x-1&fws=0%2C2&ohw=0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734029913256&idt=1635&adks=3443843584%2C2092154707&frm=20&eoidce=1&td=1&egid=49964&tan=74c74f27-c914-41b8-828b-b34b54b74588%2C74c74f27-c914-41b8-828b-b34b54b74589&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 497a132cac28bbbb2421f7b94ed14c5aa6b912a6715e564239f7635c7902ac79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding dcb google-lineitem-id -2,-2 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2,-2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 18:58:35 GMT content-type text/plain; charset=UTF-8 google-creative-id -2,-2 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://site13.policyplayer.com content-length 447 x-xss-protection 0 server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	763 B 369 B	84ms 82ms	Fetch text/plain	142.250.80.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=694688379552361&correlator=1814954074224367&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=22895628911%2Conly01&enc_prev_ius=%2F0%2F1&prev_iu_szs=768x1024%7C468x60%7C300x600%7C300x1050%7C300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1734029914979&lmt=1734009100&adxs=416&adys=1377&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsite13.policyplayer.com%2F&vis=1&psz=1584x60&msz=1584x60&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734029913256&idt=1635&adks=739862583&frm=20&eoidce=1&td=1&egid=49964&tan=74c74f27-c914-41b8-828b-b34b54b7458a&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s36-in-f2.1e100.net Software cafe / Resource Hash 307da37e9f6e32ae2e9ec6adf1e347cb05277fe1a9c03594e3f580fe191b3076 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding dcb google-lineitem-id -2 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 12 Dec 2024 18:58:35 GMT content-type text/plain; charset=UTF-8 google-creative-id -2 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://site13.policyplayer.com content-length 339 x-xss-protection 0 server cafe
GET H2	200	container.html 95c67ce357fbf95b7d631e8b97cef6f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C7B1	0 0	914ms 72ms	Document text/html	142.250.176.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://95c67ce357fbf95b7d631e8b97cef6f2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.176.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s37-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://site13.policyplayer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 18:58:35 GMT expires Thu, 12 Dec 2024 18:58:35 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	126ms 59ms	XHR application/json	142.250.80.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s35-in-f2.1e100.net Software cafe / Resource Hash 1b1a9f64357e82dc182065a1951af4bb584bc6ff7c9d090413c9a3b3a7b21b7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13213 date Thu, 12 Dec 2024 18:58:36 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H3	200	matomo.php stats.symptoma.com/	43 B 718 B	601ms 302ms	Image image/gif	104.26.14.220 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://stats.symptoma.com/matomo.php?idsite=1&rec=1&action_name=Chatbot&url=https://www.symptoma.com/chatbot&urlref= Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.14.220 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.1.19 Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers cache-control no-store nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rjm7hLUHlYS3keFRHgQ4s0OhlUkzT8UYNJTO0r7Wi9ZCMnXvqlRnVd6EHgbpcOJPpVao3ldx4c4YGMBK%2BYWRMvGhOpEMoiS4agYncWQHTT1akp00uJR4iVnMovEFWsh1trSNoQ%3D%3D"}],"group":"cf-nel","max_age":604800} referrer-policy origin cf-ray 8f0ff260f98bab78-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=23942&min_rtt=19382&rtt_var=9173&sent=19&recv=13&lost=4&retrans=5&sent_bytes=7639&recv_bytes=5855&delivery_rate=440&cwnd=8400&unsent_bytes=0&cid=d087f08d4ccb423d&ts=558&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 18:58:36 GMT content-type image/gif x-powered-by PHP/8.1.19 server cloudflare priority u=3,i
GET H3	404	favicon.ico site13.policyplayer.com/	1 KB 1 KB	537ms 536ms	Other text/html	104.21.87.142 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://site13.policyplayer.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.87.142 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers cache-control private, no-cache, max-age=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status BYPASS pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hA6%2FwCgxu3LOJaFXgKc3c3xmNQtqbIKiPISsuCnlmUOfvGoVswyIPBGa8wT%2BZN4d5bRvOV6wQ%2F7vkeF6Xu5xWk2ec7fuKUQ2b0yhTui84lauy6cSdhBRIE6FaFJUvyXDV4SOn9DE2Gmx4w%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f0ff25f1d0439c3-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=38857&min_rtt=19213&rtt_var=18574&sent=69&recv=43&lost=3&retrans=3&sent_bytes=57760&recv_bytes=7027&delivery_rate=343312&cwnd=6720&unsent_bytes=0&cid=d61d6a5ee578b4f7&ts=3835&x=1", cfExtPri, cfHdrFlush;dur=0 date Thu, 12 Dec 2024 18:58:36 GMT content-type text/html vary Accept-Encoding server cloudflare priority u=1,i
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	18 KB 7 KB	224ms 105ms	Script text/javascript	142.250.65.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f1.1e100.net Software sffe / Resource Hash ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://site13.policyplayer.com/ Response headers content-encoding gzip etag "1727224258380615" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Thu, 12 Dec 2024 18:58:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 12 Dec 2024 18:58:36 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 6445 x-xss-protection 0 server sffe
GET H2	200	runner.html ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 0CE7	0 0	470ms 66ms	Document text/html	142.250.65.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s73-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://site13.policyplayer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 1131 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5005 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 18:39:46 GMT expires Thu, 12 Dec 2024 19:29:46 GMT last-modified Mon, 23 Sep 2024 18:12:21 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame 937B	0 0	130ms 53ms	Document text/html	142.251.40.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.40.100 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f4.1e100.net Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-X6ww16X96qHSWX1U2v1mQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://site13.policyplayer.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-X6ww16X96qHSWX1U2v1mQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Thu, 12 Dec 2024 18:58:36 GMT expires Thu, 12 Dec 2024 18:58:36 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET		sodar ep1.adtrafficquality.google/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

push.policyplayer.com

URL

https://push.policyplayer.com/api/User/checknotificationcode

Domain

push.policyplayer.com

URL

https://push.policyplayer.com/api/User/checknotificationcode

Domain

ep1.adtrafficquality.google

URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=694688379552361&bg=!9_Sl9LvNAAbtGp3CzRo7ADQBe5WfOER0bL_vMuPhpk3NGhLfqZavlyOFU_bqOSJ7yKHto-s4nmPaPQZu8tb3rSccVLWJAgAAAZhSAAAAA2gBB34ANmRfrLn-y_W9UpuL0D2MeYFzn8OC-f5WCf9zAU2hExJsY69Wmu7aUSxnib8Tk1g9TKdn6GuPr5kCkGwAloRmJAFnluYcfytyT8mgpAnnwz8sahu6FZmxe59YcKiBnL_FnSCFpSoRCzd_l2h3dpy65fCg-x2MHqmem_h2xnbCLBIW9qzvZeGAmE6ETFmtNwqkI104JKgisg3usjQLgjQb6BPaY1TGxHYajC5oXjya7gfBtCOJ0OYpcVobCtaheB8bJi1JfyQ4Q09V6uD3_ZJsmeKkyRu-1ytILiKM77Jbx3dUNPgNf65viXPcyfpWm8a-Q8HX_BfHcvp7bdHkJl01jsgeOvxdXhx1tXNByvmLrgdogoUH6dMBgAez4wKDyT72ZxzSe5XXsnyKIKFWLrc_RhxevgVeM92NXxbKDawpAUxTv7mppaaPr8Ungd5UrF3LKtiSZeJ2enu2EmRYtkYbTC3G4hUDRwvsF75m33bJY_RGfsRIMwNtueZIkqLLK9TjCAI4uc5i2MaO8qU1UcZBJxHXndaQIX85G5lVuG3vNd3pAe8RAmU0bOqk-tKRB75LNUto8yNGrjejgXZH6o3CgLJxLlAJMhQhcKnBOEasYR3vm5auzK14OOcWzXSR4U-x-cYiPDmMg_oR2UE0X3GNfaYRSG0w07Eo1CZqD7OKUV1DdnByDFAfkJcY283ybzL28QRcgx7p8kHqV_CAZ-MKd6bcMdLM0NN8cF3K_mp_K7IkHOy0u-ikDnczWMWM58JpeUVAgod_yL_mXEggHoqfCvcJ06ak-85djPsfVWxiGqWnZ_YcLrwBK20I6uRSMG16D9ZiwTfQr84bFTSe5Be1Y6JYJD3UjlkewZE1Po0ldWh_RBCZQUHhxzw23BmIk1MRdbFHv6ujK1RT6OVm32RPdHafJdY-IQ6UixHjSDiyQ82RVBm_rz6drbrx

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| googletag object| rewardedSlot function| dismissRewardedAd function| displayModal object| firebase object| ggeac object| google_tag_data object| google_js_reporting_queue string| urlcurrent string| WebsiteCode string| WebsiteName function| callnotification function| checknotificationcode function| opennotification function| isMobileDevice function| getBrowser function| getOperatingSystem function| notificationupdate function| updatenotification2 function| openmypushNewWindow function| openpoup2 function| openpoup function| notificationdata function| callnotification_amp function| checknotificationcode_amp function| notificationdata_amp function| onMessageReceivedSubscribe function| onMessageReceivedSubscriptionState function| onMessageReceivedUnsubscribe function| broadcastReply function| clicknotification function| trimTrailingSlash string| ctrHref string| ctrHref2 function| eInDoc function| lCheck boolean| linkfound object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| els object| el string| linktext object| linkToHide object| GoogleGcLKhOms object| google_image_requests

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-21 01:40:30	Name: test_cookie Value: CheckForPermission
			.policyplayer.com/	1970-01-21 11:02:05	Name: __gads Value: ID=ceb38b5922663e52:T=1734029915:RT=1734029915:S=ALNI_MZFTEWcEBWpRCmQU9MCu2Kckoi9lQ
			.policyplayer.com/	1970-01-21 11:02:05	Name: __gpi Value: UID=00000db417949d1c:T=1734029915:RT=1734029915:S=ALNI_MY2gql2DJZMJnykamo2uA24E-Q6DA
			.policyplayer.com/	1970-01-21 05:59:41	Name: __eoi Value: ID=a1fc658325db496c:T=1734029915:RT=1734029915:S=AA-AfjZAVcbOT1DY6Hjf2ltdrP4F

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://site13.policyplayer.com/ Message: Access to fetch at 'https://push.policyplayer.com/api/User/checknotificationcode' from origin 'https://site13.policyplayer.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://push.policyplayer.com/api/User/checknotificationcode Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://site13.policyplayer.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

95c67ce357fbf95b7d631e8b97cef6f2.safeframe.googlesyndication.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
kids.policyplayer.com
push.policyplayer.com
securepubads.g.doubleclick.net
site13.policyplayer.com
stats.symptoma.com
www.freevisitorcounters.com
www.google.com
www.gstatic.com
ep1.adtrafficquality.google
push.policyplayer.com
104.21.87.142
104.21.89.181
104.26.14.220
142.250.176.193
142.250.65.225
142.250.80.66
142.250.80.98
142.250.80.99
142.251.40.100
172.67.169.226
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
1b1a9f64357e82dc182065a1951af4bb584bc6ff7c9d090413c9a3b3a7b21b7b
1d3cc3c58d05b610ac35646da2ff63e24204e239c6b9021c0b3106295feddb26
307da37e9f6e32ae2e9ec6adf1e347cb05277fe1a9c03594e3f580fe191b3076
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
4371cbfcc558305b5b7707dd7f1e89b7fef1d70dd977cdeb10df08d2e9f39fe9
45d9ad47ca2df62b0b14d9b11554ff933eac67dbff8234077de132283d80cf9c
497a132cac28bbbb2421f7b94ed14c5aa6b912a6715e564239f7635c7902ac79
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43
7b603ea10cbe1ac5d6734af32def236a8be7b14d72b222b5c331409dc3f0940d
935bef0fde9c5cfc36cf95bfbd2b4eb29c7262b6c264eb7abfc2cd6101fea55f
a42b7e9892a0242d35f24ec5f675759b991cf1d8827e4fbec67b1d084317ff2d
a8d6389e6811b9fea7ff683cb31a57a6e0b29781407d7f5d45994aae1b5725b7
b263d02ebf80e988c2ef1d4b4b53e07e9ee202f1dccf67611f13ad07e1260391
c2aa7547c5697d104493a37442139fac24532f27c73c421f1a846ac4cff878e8
da8d6caeabc4110a5116a4375cd410328f9f178dfa376ca2b019082d1f901629
e7c0459e0f05e41ff894a1973b2d203434282aff8daf4605c3021d1cd61eaf12
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99