epicvidxpress.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://epicvidxpress.top/
Effective URL:
https://epicvidxpress.top/
Submission: On January 05 via api (January 5th 2024, 12:01:05 pm UTC) from US — Scanned from NL

Summary HTTP 100 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 100 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is epicvidxpress.top.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.

This is the only time epicvidxpress.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
24	2606:4700::68... 2606:4700::6812:d20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:4::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
100	18

18 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

epicvidxpress.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6812:d20 (United States)

ASN13335 (CLOUDFLARENET, US)

icons.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:4::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5hne6nsd.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gamescdn.top icons.gamescdn.top — Cisco Umbrella Rank: 314818 img.gamescdn.top — Cisco Umbrella Rank: 206707	493 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	227 KB
18	epicvidxpress.top 1 redirects epicvidxpress.top	75 KB
12	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	124 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	263 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1695	334 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 4305 r3---sn-5hne6nsd.gvt1.com	728 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	184 KB
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	33 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	65 KB
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
100	13

	Domain	Requested by
18	epicvidxpress.top	1 redirects epicvidxpress.top
17	img.gamescdn.top
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com epicvidxpress.top 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
8	securepubads.g.doubleclick.net	1 redirects epicvidxpress.top securepubads.g.doubleclick.net
7	icons.gamescdn.top
6	www.gstatic.com	epicvidxpress.top 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
5	csi.gstatic.com	www.gstatic.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com epicvidxpress.top
4	region1.google-analytics.com	www.googletagmanager.com
3	fonts.googleapis.com	2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com epicvidxpress.top
3	2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.googletagmanager.com	epicvidxpress.top www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	r3---sn-5hne6nsd.gvt1.com	2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
1	redirector.gvt1.com	1 redirects
1	cdn.ampproject.org	2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
1	www.googletagservices.com	epicvidxpress.top
1	www.google.com	tpc.googlesyndication.com
100	20

This site contains no links.

Subject Issuer	Validity	Valid
epicvidxpress.top GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
gamescdn.top GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://epicvidxpress.top/
Frame ID: F931CE6FF941CB06584984E848579D80
Requests: 58 HTTP requests in this frame

Frame: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1B4A513663F22C2C7815CC1D8407515
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7390248DA739B0297A1B3060EF364318
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4FBCCBC728255A41BED6F69BD8CE4F47
Requests: 2 HTTP requests in this frame

Frame: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0AEFAE13CA8E29532DFEF1A8EAAF1BDC
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 3297B6497E49199E8657AB03EA0067A0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 8FF779830815E851E34EF78BA25185E9
Requests: 1 HTTP requests in this frame

Frame: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4922A26C7BEAC67E41ECE0908FC2672F
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Free H5 Games On Mobile

Page URL History Show full URLs

http://epicvidxpress.top/ HTTP 301
https://epicvidxpress.top/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

100
Requests

97 %
HTTPS

94 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

2195 kB
Transfer

3871 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://epicvidxpress.top/ HTTP 301
https://epicvidxpress.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://redirector.gvt1.com/videoplayback?id=510dfb01281471a4&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1704463260&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=70CEE396D9A19FD49F7511E0B13659775E2B29B2.084084B62F21C917D2DA2957E2591AD201E5A447&key=ck2 HTTP 302
https://r3---sn-5hne6nsd.gvt1.com/videoplayback?id=510dfb01281471a4&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1704463260&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=646B00026287FC3EDF99A462096851D52C7DE203.4AA7505C49B6F879AE9CBEC74CB89565EA5F9B2D&key=cms1&cms_redirect=yes&mh=nm&mip=2001:1af8:4700:a069:35::3&mm=28&mn=sn-5hne6nsd&ms=nvh&mt=1704454978&mv=u&mvi=3&pl=57

Request Chain 95

https://securepubads.g.doubleclick.net/pagead/adview?ai=CL1CPfO-XZbjPHPWh1PIPytK9sAevrbiZbNzN6-vpEIOsjb2RDhABIJLQ4pcBYJGEgID4F6AB7ubB-QPIAQmpAgfENCuTWrI-4AIAqAMByAMKqgSWAk_QH8e-V9zomuV0iPTKoIJ310Z0XpCPjL8UnrGTgG1xVkehI6VLYDKtKHUHAfr7vfx6Y7J90PtS_W5Rk1dfSTEtaMiswCLCS55AdYFoW8wYzgvALHBiEyUWMxn9T7sMMEPyGvaFtOAQ2U44GHI7WsP6mqdwtjr4Hsl8m4dMrU0RikENpkYAZC_WwZhZoW6NlKTED76bQPjNF3ZwhZykxDbLHLkr7IhGgT8A95GcZsqOyCzHBUP8g0vcSomhU2kgxPMKUNfWzfucW0JDpMgyBhcsjgMO2vWslnkkyXSk7YIEvatl_lBmwBXO5_cnItgt4_l7pfQPLmZ7y7loGCce5E7VPuJh7xCKzLDhKHwOKUCOgqhjabG0wASB8qKLlQTgBAGIBciO1LZDkgUECAQYAZIFBAgFGASgBi6AB_qYvgaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCA1hLSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WN_Y_M-ZxoMDmgkZaHR0cHM6Ly93d3cuZ29zaWRlc2lnbi5ubIAKA8gLAaIMCCoGCgSsurEC4g0TCMOA_c-ZxoMDFfUQVQgdSmkPdrgTnBvYEw3QFQGAFwGyFx8KHQgAEhRwdWItMzc0NjAzNzUyNTMwOTA0ORi99IwB&sigh=4vJVXp8_fIc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vaKKOiQpn4RG7Ezje91f5CczEXzIuFDWcLbywmEBHdL8-kWw5LBvMc3GMgjyVUv845fh2VnDmfT0D2gQ7Y8SWwzYlgmHPSAiKxgB&template_id=3484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210285172116558542267%22,%22debug_reporting%22:true,%22destination%22:%22https://gosidesign.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221060139886%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229894403901381160593%22}&andc=true

100 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
epicvidxpress.top/
Redirect Chain

http://epicvidxpress.top/
https://epicvidxpress.top/

5 KB
2 KB

401ms
344ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6817017ea726813a03949e064003f0913f4b21e50cb7b44cd11be68bab3f2cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 840b905b8988f0bf-CDG
content-encoding: br
content-type: text/html
date: Fri, 05 Jan 2024 12:00:58 GMT
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfzyL1BCyMi7YraOuSdRa%2Fe5Q99zar6Ox44hcwVNT7oSo4L4Cb3rteL75FJPAvsFGfks6%2FNVUBNu4fqDKgcMsNldkOt0DUB5dzrPgsSFRnAi6M7LH6WAb9%2BzWqjJdhD91RIlZcYvna%2FKuhwrKrJ3sA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 840b905a98bb96d2-SJC
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 05 Jan 2024 12:00:58 GMT
Expires: Fri, 05 Jan 2024 13:00:58 GMT
Location: https://epicvidxpress.top/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkp1FQ5nuKiDrSwEgyT%2FTWjtsyBRA%2FJey39FnN%2BA3Pc%2FRVSLMuhJ%2FrNMoHAReyt1dBKsOxpwL92Y%2FRoxWOjhS5r8YibzrIjsxZKnTOeED2vItb8c5YP%2FB1fsPBBhoxW30TwIj%2BbkRQoPj976AvuMFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-weui.min.css
epicvidxpress.top/css/ 55 KB
8 KB 192ms
189ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/css/jquery-weui.min.css
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4217d79c81940cb5c94fbcbc0ea862f63ceea169b26cebd2819fd6e8016ff398

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6596a1e8-dae0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDnU6sbWG9u8Wsnoi24Xw5A682%2FtQVokBMe%2BHIZrhPBuFKST949bYWPgnBDuKmb3wMht0fYnX68cRv8ZvbYLB%2BOaOejVd%2BiyjtWilxAhN2MZDydZR5R%2BJGxvSAujQIoNwdVG3Du%2FW5ygkAyNfFBuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 840b905dbd9af0bf-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 weui.min.css
epicvidxpress.top/css/ 50 KB
12 KB 193ms
191ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/css/weui.min.css
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0e864bd7605658db1930286ef3ade510f8e61bacf8300b2e55ebd652cf6015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6596a1e8-c759"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ7jI67wpmDWn2ZsGDyI%2F9OYKfvKNDi24O9kFXCTOzPCXE8duMHXfNLBiwEfim3Aii0Vc7sWwkPoty8g%2B%2Bf7eYmpugBA6YHxdM%2BxK%2FZXC5vlsBhz68JSjV4ZsrwzCvcUgEKKPG7BHFuHqI7Z0eERJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 840b905dcda0f0bf-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.css
epicvidxpress.top/css/ 8 KB
2 KB 630ms
628ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/css/style.css
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a9732a284ff72c3d00943622ed6373e3bb5e191e29a34067ac2ceda1ea82a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9498
etag: W/"6596a1e8-251a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdDq%2FNT3hwy3v%2F%2FoTsqyFjMIxex%2FH3CSWA4ihgv5ZBT%2FN%2B78qWBNBGSIKd9Rm2Om%2Blrx4njvexaToLUeglrddst%2BODyGVSk%2BMzDRruHlxr6AM5%2BBMIUoKnsU8QTIcNjcVGA8ekhUDRLUJH3bqlkgyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 840b905dcda2f0bf-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 self.css
epicvidxpress.top/css/ 48 KB
11 KB 781ms
780ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/css/self.css
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5fe697231799e673cc4c803efdd485944bd2801821c14dc197d227b53b6e3e2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=67507
etag: W/"6596a1e8-107b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jpyl8NeRIw92Kb3SciqUPb4WddnJo4ROtdQxGXJcucB2xZcfojYxYiLlJhKOdWcBAJRlS7I%2BrFN1HAhptHFhUpmYbyTil%2FLfAVp5%2B9ywQb0VWMUR8WIEAy88ACpMmcS7YVBD0kHCTpahM6Melrb%2FRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 840b905dcda3f0bf-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 iconfont.css
epicvidxpress.top/css/ 553 B
717 B 203ms
201ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/css/iconfont.css
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f116dab807b0851d1ed064614bb23ccb0ae6eca2ffe0e55772338f74523e6d04

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=688
etag: W/"6596a1e8-2b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6pBDU4r5cYkp%2F%2FLorZ4ct8iULTCWausUkfnkrgLB0daPFbk4SzifOZVC5fIiqmGIjZrhuYqQrUM%2BQ6v64VoK%2FnlyZUsYKNKhNSO%2FsIul93sBUzwYnGUxdieS551dVhG7Ij8w88S9NjxilwZhQwIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 840b905dcda6f0bf-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
epicvidxpress.top/img/ 6 KB
7 KB 194ms
193ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epicvidxpress.top/img/logo.png
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95232335bdfd81a894d671bfc27dbe02b625b2f55db681a0371cb64641f77e28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-190e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INEIX%2BZCQvrgx%2B9nfF9uSVKlC6HE%2Bzr1xOGA0ht9HW0WkMgxAtz88v4%2F6xkxBZgpgDY7xFzy5OIanqEltFdlWioie6G4HKPALWyjUBfKN0mNCPNJiOcn9vrjdfE51cgPPxJicqSG%2BRljEh1iZy92GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b905dcda8f0bf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6414

GET
H2 200 history_ic.png
epicvidxpress.top/img/ 2 KB
2 KB 204ms
203ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epicvidxpress.top/img/history_ic.png
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48679aa4e044572045a5b00006dd7da050406d75f3c258f14430fbcd21143e5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-698"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ3LfoaVnThtD%2Bzpr6i0KDi8O25QDy4fsLnW8vYWPk0a6O%2B0tOiYSkAPgOm15jgXlX4uug4d9I1BAKvDa3lMDzJBf6A5M5sBaCL3FOY2NtV8axvyJmNl1ZdADaTE2hjW4zr%2F%2BmfrNEb6pxe7tsrRTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b905dcdaaf0bf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1688

GET
H2 200 classification_ic.png
epicvidxpress.top/img/ 712 B
1 KB 583ms
582ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epicvidxpress.top/img/classification_ic.png
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2b97daa2380d8a23680dfe47ccf05bae6fe46776c27252e407c0883a9b8a8c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-2c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckdvj6CqEECHTI3DH05HmkDpo2XQh%2BHlhdc5P74J8UxQZ0phsT%2Bkf2wZ%2FVnppsBQmT%2BTWjJQFHu3y0NiNK4L51WcvoE1nAy96vYQR74JXcX5pX%2BHN3u%2B8ZkZE7TUFspTcBWznICuVGCPvtcjkefczQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b905dcdadf0bf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 712

GET
H2 200 hot_ic.png
epicvidxpress.top/img/ 2 KB
2 KB 209ms
208ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epicvidxpress.top/img/hot_ic.png
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffeec111a9a35e15a6388676b81ce7543deb5f3d4306399abebe5fd2f72f5928

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-779"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcXPmcQ7pd7uNDLxU%2FgqvHGhP3fpU1sMRzRRqu4s%2BuPqqmH%2B95VQvEwmYccRi46pgBriOxgCpMPfWfC12e%2Bk6TdDhD60PbjstV4TrdPjnN42iC5CCAfmLNbcEmGcbr3L9xjk25ivlLmxYt1Fx8vibw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b905dcdb1f0bf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1913

GET
H2 200 new_ic.png
epicvidxpress.top/img/ 2 KB
2 KB 195ms
194ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epicvidxpress.top/img/new_ic.png
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c821299d2781dddc4b2c65be12e2fbc5bac2a2f0261b147213118b89e279268

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-6e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwSGqV39pb0heQmWtzBj7YPsa8bI46KMaylFgGlBDqK5L9ajvlpUliwWDngMB%2BhLmUmKAaeTlmpJGKtS785Db%2BtLU6aA8U7Gn10bc%2BIxgKj5fyNaZZF4UxoLr0OGkWhrrFQYv%2BQv94bR8bZcoV3Pvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b905dcdb4f0bf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 1764

GET
H2 200 email-decode.min.js Show response
epicvidxpress.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 51ms
50ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://epicvidxpress.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk4t%2BYM4vP0UySNhAwftIXCfwD2yUF1%2FXLidJjG7pBUqDcV0BjMEMqJBcD807eg1KfWxjtIje%2FRPQj0dBs1fwNiUJX3H%2FAAW3azTHtarRzYNWWfJZmUIMpZoEsFDP4IfqYjVNU%2BPLoVHbMZ8SLSvdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 840b905dede1f0bf-CDG
expires: Sun, 07 Jan 2024 12:00:58 GMT

GET
H2 200 rocket-loader.min.js Show response
epicvidxpress.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 52ms
51ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://epicvidxpress.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Dec 2023 14:09:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6581a422-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9L1oiFB35ot0HGZMsX%2BLGja640U%2B%2B8kKfgyDQKsIb62xKdAIUAWGWIBFTlEk7bIVOGoOyrttuVyS%2BPPxBG9dbYdh4cJ63gdHQ%2Fp%2B2pSi7phnDl6pjkPna9lnSM0gwbw3SzaBoCPz8AOgsMlfCuaoBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 840b905dede3f0bf-CDG
expires: Sun, 07 Jan 2024 12:00:58 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7861d93d06289bda52f2433d5ff400696bbb42ba1f6244d23edcaabf4bd523e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 iconfont.woff2
epicvidxpress.top/font/ 1 KB
1 KB 632ms
631ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/font/iconfont.woff2?t=1675872004004
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/css/iconfont.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c1c288a0340f9a2b10517d1eece34605ff15ceb0ac8fe3e48d9ad6d9bd7712

Request headers

Referer: https://epicvidxpress.top/css/iconfont.css
Origin: https://epicvidxpress.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-414"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yXqlnl5qP7Cp%2ByxCB1Jp4sWPmpt2sQ3vQkY6Vlrd1R%2BIh1WEW%2BDLrgu8s3osWipWNpuMcN1ZZ2V4luZ41STSgdF0c5RFe8hb936bnAUwakBo%2Bc%2BC9bgudMkdGBzcGGOkzZWeAyqOoY6BxBlCZrP9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b9062afe9699b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1044

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 154ms
106ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

611f7b2548a11963f63d9994b153cdd1398d5c002e32796bfcb7447bcf900735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28779
x-xss-protection: 0
server: cafe
etag: 629 / 19727 / m202401020101 / config-hash: 11989567167898113008
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:00:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 116ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WLZL2VXMY6

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32b91d5ec02be7ce67c27600475672174cdac50359fcac8ea859ff99026a361b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 12:00:59 GMT

GET
H3 200 index.js Show response
epicvidxpress.top/js/ 4 KB
2 KB 190ms
190ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/js/index.js
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 329a3ac535ea6351a75f9874f54f30e0399f4ed157ed3359b1dfa927715c0138

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4565
etag: W/"6596a1e8-11d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9iMB3DL%2FE38p0e6MLeLkDPGcFHzgDkyChdXfuGkW7ZOTH%2FjdN0mSni%2B%2FUzgxt11Fh0f%2BLT7baK5detPeZtaU0nS8WrNDmZEVKKIDngSkeefjw1cr7y2PFNLLz%2B3w7Wp9u3gQJDSgMQmrIuVGJGwQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 840b9062bfee699b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 data.js Show response
epicvidxpress.top/js/ 39 KB
13 KB 709ms
709ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epicvidxpress.top/js/data.js
Requested by: Host: epicvidxpress.top
URL: https://epicvidxpress.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8cca5b91e945e4f7e73fa2b6e1e196e890c26b4d06fc2ebf410a212436c41c9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=40001
etag: W/"6596a1e8-9c41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYiLMtrear2gbm0LgsPdwEXsBKEzVAVZ4NMRXvvqB7ddXKo28efAMlgN8WImJ2zbpChIH7iI9aijCoMGEnPkHt3nPTALAwqGRPCLOhan6sh1WIkv%2FCMfIQPXreqWHUt88Z7p8sXC4ahS5gfbW%2FpuzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 840b9062bfef699b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 436 KB
137 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 11:32:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1726
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140253
x-xss-protection: 0
server: cafe
etag: 11435206252018266965
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 04 Jan 2025 11:32:13 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 109 B
97 B 97ms
57ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=epicvidxpress.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97673b17dbfe222c6e3cb6ac91acd9e29423b0df11e0b346d3334f51f45853f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72
x-xss-protection: 0
expires: Fri, 05 Jan 2024 12:01:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 55ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WLZL2VXMY6&gtm=45je4130v9174282890&_p=1704456059927&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1694924171.1704456060&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704456059&sct=1&seg=0&dl=https%3A%2F%2Fepicvidxpress.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2292
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLZL2VXMY6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://epicvidxpress.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLZL2VXMY6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db44d8504bfbf14188282273e766e931080ff6f79fdaa7c22131180e08f095a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:00:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93838
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 12:00:59 GMT

GET
H2 200 casual.svg
icons.gamescdn.top/ 1 KB
727 B 80ms
27ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/casual.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5025
etag: W/"63ece745-5d6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b90679de8bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 arcade.svg
icons.gamescdn.top/ 2 KB
855 B 80ms
28ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/arcade.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b972da1f9da0a7237139330c766844fb6b62defe8795c06e8549842aaa0d67e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 218
etag: W/"63ece745-76f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b90679de4bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 action.svg
icons.gamescdn.top/ 2 KB
1 KB 78ms
26ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48674b241f95ad53f6658a3f4250964ad6d79634b4143c27776e2d111990e93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 1773
etag: W/"63ece745-8ad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b90679de3bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 shooting.svg
icons.gamescdn.top/ 2 KB
888 B 82ms
30ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/shooting.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6d62afefb8b82d4dc908c6ae42f243484be1f61a6edda9861264531fed55be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 6164
etag: W/"63ece745-745"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b90679de5bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Hypercasual.svg
icons.gamescdn.top/ 1 KB
709 B 84ms
32ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/Hypercasual.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 5025
etag: W/"63ece745-5d6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b90679de6bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 racing.svg
icons.gamescdn.top/ 2 KB
878 B 81ms
29ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/racing.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dcaeddd646fbacc2222460871c640fd6aaf14665e48707b9c7d0175c93b13b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 1327
etag: W/"63ece745-60c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b90679de2bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 puzzle.svg
icons.gamescdn.top/ 1 KB
786 B 27ms
26ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/puzzle.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651ed70430e4737f1f0e1a434885775eff39dd4c2ca12aabfef27c8420d57118

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 676
etag: W/"63ece745-5da"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 840b9067be12bbe6-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET placeholder-img.png
epicvidxpress.top/img/ 0
0

GET
H3 200 hot_ic2.png
epicvidxpress.top/img/ 2 KB
3 KB 199ms
199ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://epicvidxpress.top/img/hot_ic2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ce837de165c4c112d0b7f68db8f99d0aef1a0f07beb96190e879553f2c50c46

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 04 Jan 2024 12:17:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6596a1e8-8b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISdAECAl5VsndQZyvhdZafTbx3XXOEblc3XJ4cbLehIdzFKWyHGp1E7e5AaiV7vbtPLwqonrr7fdPw3Q2er2OV7cYIc7TAjsL%2BVREoSMc8ftQ%2BvAuikZ8AGtvhft%2By%2FKXhcOCPJiJLfv%2FJkCcgww%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 840b906749d5699b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2231

GET
H2 200 Shot_Trigger.jpg
img.gamescdn.top/ 26 KB
26 KB 97ms
46ms Image
image/jpeg 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Shot_Trigger.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05389fc73eefe0b2c5890c9795577f9928e5a79269814f439c5ad2f236f0b376

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Aug 2023 08:20:00 GMT
server: cloudflare
age: 1040
cf-polished: origSize=26654
etag: "64d89230-681e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b90679c9f3a68-FRA
content-length: 26646
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Bubble-Pop-Shoot.jpg
img.gamescdn.top/ 22 KB
22 KB 78ms
27ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Bubble-Pop-Shoot.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdf4435732ca3ed3cf58319b21f06687291769c50aadf9307308643509b4d8a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 5002
cf-polished: origFmt=png, origSize=24473
content-disposition: inline; filename="Bubble-Pop-Shoot.webp"
content-length: 22272
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-5f99"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b90679ca13a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 TufWar.png
img.gamescdn.top/ 23 KB
23 KB 79ms
28ms Image
image/png 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/TufWar.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eea61d19aa7b20d21b6399accd3ffd71bba489a914d16918d6dc5f247ee3f18

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 2575
cf-polished: origSize=23695
etag: "64e37af7-5c8f"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b90679ca03a68-FRA
content-length: 23270
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Millon-Star.jpg
img.gamescdn.top/ 25 KB
25 KB 80ms
29ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Millon-Star.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2409a2c102ce0e6785c1189d06c2f2290c50942399f152bf5789b83e7ccd4040

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 4775
cf-polished: origFmt=png, origSize=28085
content-disposition: inline; filename="Millon-Star.webp"
content-length: 25250
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-6db5"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b90679c9e3a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Shoot-Bubble-Extreme.jpg
img.gamescdn.top/ 26 KB
27 KB 30ms
29ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Shoot-Bubble-Extreme.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad52abe3cbc69d127f3edc0c0572fb98632d6eb224ee789a97aefcac74cbc6f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 4867
cf-polished: origFmt=png, origSize=29382
content-disposition: inline; filename="Shoot-Bubble-Extreme.webp"
content-length: 27118
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-72c6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb03a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 BattleRoYale.png
img.gamescdn.top/ 26 KB
26 KB 30ms
30ms Image
image/png 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/BattleRoYale.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f98694f7389af1070549544728075f0941676b00d2a8932551f632d15c3c97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 6309
cf-polished: origSize=27560
etag: "64e37af7-6ba8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb23a68-FRA
content-length: 26848
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Zumbla-Deluxe.jpg
img.gamescdn.top/ 37 KB
37 KB 30ms
29ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Zumbla-Deluxe.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f38e2ea23de8b6a4211d06f9cc7ab9d9a6648089807932d37955535567a5b17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 4263
cf-polished: origFmt=png, origSize=40335
content-disposition: inline; filename="Zumbla-Deluxe.webp"
content-length: 37996
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-9d8f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb33a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Knife_Hit_Up.jpg
img.gamescdn.top/ 24 KB
24 KB 31ms
30ms Image
image/jpeg 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Knife_Hit_Up.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6019cbd552c7084cd15a88c1e0e6cf6037ccfb48a671e4a84d2355305cde74d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Sun, 13 Aug 2023 08:20:00 GMT
server: cloudflare
age: 4381
cf-polished: origSize=24076
etag: "64d89230-5e0c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb43a68-FRA
content-length: 24068
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Bubble-Legend.jpg
img.gamescdn.top/ 31 KB
31 KB 48ms
47ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Bubble-Legend.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3057d28b021d09ed610a53bec6a454d9c52e533b42de3a7bd98785e18b6ef6bd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 4292
cf-polished: origFmt=png, origSize=33081
content-disposition: inline; filename="Bubble-Legend.webp"
content-length: 31328
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-8139"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb53a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Kitten-Hide-And-Seek.png
img.gamescdn.top/ 34 KB
34 KB 49ms
48ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Kitten-Hide-And-Seek.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95947207b92a2bbc58bc796f047170d841ca463b1e5111afb4357236638b069

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 6254
cf-polished: origFmt=png, origSize=37526
content-disposition: inline; filename="Kitten-Hide-And-Seek.webp"
content-length: 34434
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
etag: "64e37af7-9296"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb63a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Popsicle_Stack.png
img.gamescdn.top/ 18 KB
18 KB 48ms
48ms Image
image/png 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Popsicle_Stack.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3bac454398b9ab6b0b7f6ca6a4c373a6283518c42f5c1666c440d57a1b3c9ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 785
cf-polished: status=not_needed
etag: "64e37af7-4832"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb73a68-FRA
content-length: 18482
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Zumba-Shooter.jpg
img.gamescdn.top/ 30 KB
30 KB 49ms
48ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Zumba-Shooter.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a0a6c8008edba3f4e4395cac75825207ff3aaccab1942043c07eac4c544490

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 5159
cf-polished: origFmt=png, origSize=32921
content-disposition: inline; filename="Zumba-Shooter.webp"
content-length: 30306
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-8099"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb83a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Train_Snake.jpg
img.gamescdn.top/ 20 KB
20 KB 49ms
49ms Image
image/jpeg 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Train_Snake.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05df3cad76a1402f69aa2760864c0cd926d0851fb519f99c383436fe9d935afb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 934
cf-polished: origSize=20041
etag: "64e37af7-4e49"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcb93a68-FRA
content-length: 20033
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Overlook-Tank.jpg
img.gamescdn.top/ 35 KB
35 KB 49ms
49ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Overlook-Tank.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124cb2f0e41be1fd24ebed287f3f4b68b352e175682309e762e5be6e85d00af0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
age: 3167
cf-polished: origFmt=png, origSize=37119
content-disposition: inline; filename="Overlook-Tank.webp"
content-length: 35798
cf-bgj: imgq:100,h2pri
last-modified: Fri, 03 Nov 2023 03:31:22 GMT
server: cloudflare
etag: "6544698a-90ff"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcba3a68-FRA
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 Mighty_Mouse_Dash.jpg
img.gamescdn.top/ 29 KB
29 KB 50ms
49ms Image
image/jpeg 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Mighty_Mouse_Dash.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b067331ad1876e66c4d8326689e20dbae9756d951e8df5c32352213c9041dd33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 5729
cf-polished: origSize=29742
etag: "64e37af7-742e"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcbb3a68-FRA
content-length: 29626
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 UnblockTheBall.jpg
img.gamescdn.top/ 48 KB
48 KB 48ms
48ms Image
image/jpeg 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/UnblockTheBall.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eba9b16c03039a33cee52098bc6e98ef6db42f6dfd73375b4a57d467f6c472cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 5812
cf-polished: origSize=48870
etag: "64e37af7-bee6"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcbd3a68-FRA
content-length: 48862
expires: Sat, 04 Jan 2025 12:01:00 GMT

GET
H2 200 MergeBlock2048.jpg
img.gamescdn.top/ 33 KB
33 KB 49ms
49ms Image
image/jpeg 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/MergeBlock2048.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ed0c369b9828c02eaad94ce961e1f5600074534b5b6755dd5ce40b97da3245

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 21 Aug 2023 14:55:51 GMT
server: cloudflare
age: 1935
cf-polished: origSize=34047
etag: "64e37af7-84ff"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 840b9067bcbf3a68-FRA
content-length: 34039
expires: Sat, 04 Jan 2025 12:01:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DWX6Q6TDMK&gtm=45je4130v9117603054&_p=1704456059927&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1694924171.1704456060&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704456060&sct=1&seg=0&dl=https%3A%2F%2Fepicvidxpress.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2375
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://epicvidxpress.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 184 KB
51 KB 452ms
451ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4457737963636539&correlator=4071996255242876&eid=31079957%2C31080197%2C31079527%2C31061690&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=22847376752%2Cepicvidxpress.top-f%2Cepicvidxpress.top-inter-01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1704456060061&lmt=1704370664&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fepicvidxpress.top%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1694924171.1704456060&ga_sid=1704456060&ga_hid=1669269513&ga_fc=true&dlt=1704456058505&idt=1510&adks=2435914972&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fe2f71f1264bb6e7e75300c6033e01c3bfa6906bdfb8b52af44e1f159d819c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51885
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://epicvidxpress.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
32 KB 871ms
869ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4457737963636539&correlator=4071996255242876&eid=31079957%2C31080197%2C31079527%2C31061690&output=ldjh&gdfp_req=1&vrg=202401020101&ptt=17&impl=fif&iu_parts=22847376752%2Cepicvidxpress.top-f%2Cepicvidxpress.top-300x250-01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704456060065&lmt=1704370664&adxs=650&adys=83&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fepicvidxpress.top%2F&vis=1&psz=1600x288&msz=1600x250&fws=4&ohw=1600&ga_vid=1694924171.1704456060&ga_sid=1704456060&ga_hid=1669269513&ga_fc=true&dlt=1704456058505&idt=1510&adks=3917228526&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0ac2d7c621ca4a369aa66c1671bff5aad25e4c8646a6893bfc712f12ac1d8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33230
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://epicvidxpress.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 119ms
70ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b0a3cd52f5153bcb4618dff7d7ae18cdb8172ecffd1fd1cb3299ada1399a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12255
x-xss-protection: 0

GET
H2 200 container.html Show response
2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1B4 6 KB
3 KB 107ms
31ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 12:01:00 GMT
expires: Sat, 04 Jan 2025 12:01:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ 40 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1fee0e275eff6d223e9845ca7aee343e0f4ea7b74b8e33b3b37088e559fce0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78816
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13827
x-xss-protection: 0
server: cafe
etag: 14489142153891184122
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 03 Jan 2025 14:07:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 12:01:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7390 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 40466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 00:46:34 GMT
expires: Sat, 04 Jan 2025 00:46:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4FBC 829 B
1 KB 76ms
29ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb914ac5557187fecf29dbaa36ccff8393133e8eff5ebdedcc610f5775f3a719

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6OeeEzkyXxEHJz4wBb2RAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6OeeEzkyXxEHJz4wBb2RAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 12:01:00 GMT
expires: Fri, 05 Jan 2024 12:01:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7390 39 KB
15 KB 83ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 11:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 11:09:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4FBC 0
0 66ms
56ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401020101&jk=4457737963636539&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7390 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ur104A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0AEF 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 12:01:00 GMT
expires: Sat, 04 Jan 2025 12:01:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0AEF 4 KB
1 KB 76ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 10:42:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 12:01:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3297 6 KB
779 B 65ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 10:43:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 12:01:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3297 2 KB
822 B 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 3297 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3297 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 3297 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 10:12:40 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3297 204 KB
65 KB 162ms
79ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 12:01:00 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 3297 37 KB
16 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 0AEF 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76242
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:50:18 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AEF 205 B
519 B 71ms
26ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:20:28 GMT
x-content-type-options: nosniff
age: 49232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Jan 2025 22:20:28 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0AEF 604 B
695 B 72ms
27ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:26:16 GMT
x-content-type-options: nosniff
age: 48884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Jan 2025 22:26:16 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FF7 50 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: epicvidxpress.top
URL: https://epicvidxpress.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 273050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 08:10:10 GMT

GET
H3 200 container.html Show response
2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4922 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 12:01:00 GMT
expires: Sat, 04 Jan 2025 12:01:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 4922 9 KB
4 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 298601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 01 Apr 2024 01:04:19 GMT

GET
H2 200 7ca5503b6f68308c9181edc3b7183bce.js Show response
www.gstatic.com/mysidia/ Frame 4922 146 KB
54 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7ca5503b6f68308c9181edc3b7183bce.js?tag=video_mra/web_raspberry_ms

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55dd9eed726a8798e11f15fcce5cd244bb49ecc3d2c89086b9b2c77dfc257773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54810
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 04 Apr 2024 04:32:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4922 21 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jan 2024 12:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 10:38:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jan 2024 12:01:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame 4922 110 KB
33 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 12:01:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32187
x-xss-protection: 0
server: sffe
etag: "f62e83b3b94bc414"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 Jan 2024 12:01:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4922 2 KB
822 B 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 4922 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4922 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 4922 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 10:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8523
x-xss-protection: 0
server: cafe
etag: 16500369019378894752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 10:12:40 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 4922 37 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 338658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Mar 2024 13:56:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
57ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401020101&jk=4457737963636539&bg=!xsWlxYrNAAY3kmNgF5I7ADQBe5WfOLNkLA3Iz7zaFt8zOLMbhJvufDsC-ZO0uP0pvInLT9_8cqoVoJKKiEvps4L6NxVRAgAAADJSAAAAAWgBBwoAIuJZjVKYblwFN_qyy8lHDEiO96vbx5r9ih0hQnXRrq1kFIKZArKfyIW7-NJns7S5s3cqiqrPVw_8pSpKoyUi9SgcE1gNmLbt07ffQ_KZ0pF9xCEIfngtM3oz7_u7UdAdBzNj3gX011CsDFgeCU4grU4OQOpfGDwQcXx1Dsu2ZVG6ta4ueTkuTpzFgP3lLumyFz6xze6AlmotIewGE0BferE5zL_zc6o-J0_wNv0V2PGtsMe_25C2kwG0r46S32yBwV1vQBBX0ndauHBJYtDCsAX3TD1daKXtFFuT0ImNwHEKaHwTS6s46SRxMWfwcSpH7X1NAEIFDus1WHPjiSc7yqCd641sH_M2X0nbDLDxDy5mzIdAIibH3j33QF666vrF9XQLrS1ZrBDAlEzwALNcnK3hU-NALFnh7TN84dHJ0SsnwsdGrj13240Q5hdEiltiDda1m9KQvDRGQUwwxdhp6UMFcpVXgqyK56221SXWwQZxzXshSdAxLQqBzMaHg65BeGuvNXSHHIbHVeINjQCrZMtg5qUOpkts6aGDQqVMSQdzpFat0y_6YSadFxoT20XATAgxDHrneBpYaBM4Uy8TenE0Tw3gG03gRUcOHfmyEy0S41c7NcllyTthUKSg7mvQohA_hEEJnxRm8uvrfnWysMUh3wy1HWLGA1rHxHjcCCBc_9fYPzxabdr8BxP7jSr7VMvxXA2bXkMR3an_HAafuSkcC9_85JkF-FPlsGMSHgsWLRyyEjZl1YTa7Q21NHeeeM-ni2UJF5Wf3BTwfO3wN4CQr3RHTK4_JyoTMj_VnqPuDDJNUcj9dpqCJuwEYD7bMbukC1uBdKXyKGcwgH5z1es02Pb8NXZNFjN480dSu6hcWnS-FCknKN-hcSyuKK7kv6Ta5p0Pm8NPH4E1JDn5GeJDE-sewU1NEv8LFLQMEXehZVuk793uxfFLMLGZhk1k7OX9pQXrhzM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1856816249274088883/ Frame 4922 2 KB
2 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1856816249274088883/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7e5c0747f275579862e6ad01ad34cfcf8f686d707080b94f1b1794e8be05d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 03 Jan 2025 21:39:30 GMT
date: Thu, 04 Jan 2024 21:39:30 GMT
x-content-type-options: nosniff
age: 51691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1928
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 10:40:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 4922 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 4922 0
54 B 168ms
67ms Ping
image/gif 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr0l4pre&c=7334582726855&slotId=3667291363427.5&qqid=CLj9k9CZxoMDFfUQVQgdSmkPdg&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7ca5503b6f68308c9181edc3b7183bce.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6723226110736500675/ Frame 4922 111 KB
111 KB 79ms
78ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6723226110736500675/14763004658117789537

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d43cc8bc9ef109d38cd66460dc6c3e853070dbb067d70448c9dc0ff30d9fa41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113353
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 10:40:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Jan 2025 12:01:01 GMT

GET
H3

206

videoplayback
r3---sn-5hne6nsd.gvt1.com/ Frame 4922
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=510dfb01281471a4&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1704463260&sparams=ip,ipbits,expire,id,...
https://r3---sn-5hne6nsd.gvt1.com/videoplayback?id=510dfb01281471a4&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1704463260&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

727 KB
727 KB

59ms
14ms

Media
video/mp4

2a00:1450:400e:4::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5hne6nsd.gvt1.com/videoplayback?id=510dfb01281471a4&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1704463260&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=646B00026287FC3EDF99A462096851D52C7DE203.4AA7505C49B6F879AE9CBEC74CB89565EA5F9B2D&key=cms1&cms_redirect=yes&mh=nm&mip=2001:1af8:4700:a069:35::3&mm=28&mn=sn-5hne6nsd&ms=nvh&mt=1704454978&mv=u&mvi=3&pl=57

Requested by

Host: 2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
URL: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

2a00:1450:400e:4::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

dfaadf1b4a2467226eca2424d6025d32d3b3eb404922b49ae53e7c98fa8fd3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Jun 2023 11:42:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-744790/744791
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 744791
expires: Fri, 05 Jan 2024 12:01:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-5hne6nsd.gvt1.com/videoplayback?id=510dfb01281471a4&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1704463260&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=646B00026287FC3EDF99A462096851D52C7DE203.4AA7505C49B6F879AE9CBEC74CB89565EA5F9B2D&key=cms1&cms_redirect=yes&mh=nm&mip=2001:1af8:4700:a069:35::3&mm=28&mn=sn-5hne6nsd&ms=nvh&mt=1704454978&mv=u&mvi=3&pl=57
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 712
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4922 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68e8b48c8436c872a110764de5c6d920ed936f3a68cb133e50a5338e93bc8c09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4922 33 KB
34 KB 67ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 287986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:01:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4922 0
54 B 137ms
67ms Ping
image/gif 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lr0l4prj&c=7334582726855&slotId=3667291363427.5&qqid=CLj9k9CZxoMDFfUQVQgdSmkPdg&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fe21910fd923a6283b5d44b2382eabc86.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7ca5503b6f68308c9181edc3b7183bce.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4922 0
234 B 136ms
67ms Ping
image/gif 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lr0l4psf&c=7334582726855&slotId=3667291363427.5&qqid=CLj9k9CZxoMDFfUQVQgdSmkPdg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F7ca5503b6f68308c9181edc3b7183bce.js%253Ftag%253Dvideo_mra%252Fweb_raspberry_ms&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7ca5503b6f68308c9181edc3b7183bce.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4922 0
54 B 137ms
68ms Ping
image/gif 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lr0l4psg&c=7334582726855&slotId=3667291363427.5&qqid=CLj9k9CZxoMDFfUQVQgdSmkPdg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ff9d9b65dbd646119ce96bad0f484d579.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7ca5503b6f68308c9181edc3b7183bce.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 55ms
55ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CL1CPfO-XZbjPHPWh1PIPytK9sAevrbiZbNzN6-vpEIOsjb2RDhABIJLQ4pcBYJGEgID4F6AB7ubB-QPIAQmpAgfENCuTWrI-4AIAqAMByAMKqgSWAk_QH8e-V9zomuV0iPTKoIJ310Z0XpCPjL8UnrGTgG1xVkehI6VLYDKtKHUHAfr7vfx6Y7J90PtS_W5Rk1dfSTEtaMiswCLCS55AdYFoW8wYzgvALHBiEyUWMxn9T7sMMEPyGvaFtOAQ2U44GHI7WsP6mqdwtjr4Hsl8m4dMrU0RikENpkYAZC_WwZhZoW6NlKTED76bQPjNF3ZwhZykxDbLHLkr7IhGgT8A95GcZsqOyCzHBUP8g0vcSomhU2kgxPMKUNfWzfucW0JDpMgyBhcsjgMO2vWslnkkyXSk7YIEvatl_lBmwBXO5_cnItgt4_l7pfQPLmZ7y7loGCce5E7VPuJh7xCKzLDhKHwOKUCOgqhjabG0wASB8qKLlQTgBAGIBciO1LZDkgUECAQYAZIFBAgFGASgBi6AB_qYvgaoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCA1hLSCB8IgOGAEBABGB0yAqoCOgKAQEi9_cE6WN_Y_M-ZxoMDmgkZaHR0cHM6Ly93d3cuZ29zaWRlc2lnbi5ubIAKA8gLAaIMCCoGCgSsurEC4g0TCMOA_c-ZxoMDFfUQVQgdSmkPdrgTnBvYEw3QFQGAFwGyFx8KHQgAEhRwdWItMzc0NjAzNzUyNTMwOTA0ORi99IwB&sigh=4vJVXp8_fIc&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_vaKKOiQpn4RG7Ezje91f5CczEXzIuFDWcLbywmEBHdL8-kWw5LBvMc3GMgjyVUv845fh2VnDmfT0D2gQ7Y8SWwzYlgmHPSAiKxgB&template_id=3484&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 12:01:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4922
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CL1CPfO-XZbjPHPWh1PIPytK9sAevrbiZbNzN6-vpEIOsjb2RDhABIJLQ4pcBYJGEgID4F6AB7ubB-QPIAQmpAgfENCuTWrI-4AIAqAMByAMKqgSWAk_QH8e-V9zomuV0iPTKoIJ310Z0...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210285172116558542267%22,%22debug_reporting%22:true,%22destination%22:%22https://gosidesign.nl%22,%22event_report_window%22...

0
0

98ms
55ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210285172116558542267%22,%22debug_reporting%22:true,%22destination%22:%22https://gosidesign.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221060139886%22],%2222%22:[%22true%22],%224%22:[%2201-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229894403901381160593%22}&andc=true

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10285172116558542267","debug_reporting":true,"destination":"https://gosidesign.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1060139886"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"9894403901381160593"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 05 Jan 2024 12:01:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10285172116558542267","debug_reporting":true,"destination":"https://gosidesign.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1060139886"],"22":["true"],"4":["01-05"],"6":["true"]},"priority":"500","source_event_id":"9894403901381160593"}&andc=true
access-control-allow-origin: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4922 42 B
671 B 108ms
61ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CpNvVfO-XZbjPHPWh1PIPytK9sAevrbiZbNzN6-vpEIOsjb2RDhABIJLQ4pcBYJGEgID4F6AB7ubB-QPIAQmpAgfENCuTWrI-4AIAqAMByAMKqgSZAk_QH8e-V9zomuV0iPTKoIJ310Z0XpCPjL8UnrGTgG1xVkehI6VLYDKtKHUHAfr7vfx6Y7J90PtS_W5Rk1dfSTEtaMiswCLCS55AdYFoW8wYzgvALHBiEyUWMxn9T7sMMEPyGvaFtOAQ2U44GHI7WsP6mqdwtjr4Hsl8m4dMrU0RikENpkYAZC_WwZhZoW6NlKTED76bQPjNF3ZwhZykxDbLHLkr7IhGgT8A95GcZsqOyCzHBUP8g0vcSomhU2kgxPMKUNfWzfucW0JDpMgyBhcsjgMO2vWslnkkyXSk7YIEvatl_lBmwBXO5_cnItgt47t5hGbnoNdQdAhbxal4C-jpHOjJ5T6SPnt3TpOivWiimkLIwJoLbFrlwASB8qKLlQTgBAGIBciO1LZDoAYugAf6mL4GqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHyqmxAqgH66WxAtgHANIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY39j8z5nGgwOxCezdFm_MCc0NgAoDmAsByAsBgAwBogwIKgYKBKy6sQLaDBAKChCQj_DLgqn3ylISAgEDqg0CTkzIDQHiDRMIw4D9z5nGgwMV9RBVCB1KaQ92uBOcG9gTDdAVAfgWAYAXAQ&sigh=bkEVJhcjFNw&cid=CAQSTgAvHhf_vaKKOiQpn4RG7Ezje91f5CczEXzIuFDWcLbywmEBHdL8-kWw5LBvMc3GMgjyVUv845fh2VnDmfT0D2gQ7Y8SWwzYlgmHPSAiKw&label=adresume

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 102ms
55ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 12:01:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 4922 42 B
64 B 60ms
60ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4922 0
54 B 66ms
66ms Ping
image/gif 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lr0l4psg&c=7334582726855&slotId=3667291363427.5&qqid=CLj9k9CZxoMDFfUQVQgdSmkPdg&dm=15000&event_name=first_play&asset_bytes=24876&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.lr0l4px1~vfl.lr0l4pyo~ff.lr0l4q41
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7ca5503b6f68308c9181edc3b7183bce.js?tag=video_mra/web_raspberry_ms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:02 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 19ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WLZL2VXMY6&gtm=45je4130v9174282890&_p=1704456059927&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1694924171.1704456060&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704456059&sct=1&seg=0&dl=https%3A%2F%2Fepicvidxpress.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7298
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WLZL2VXMY6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://epicvidxpress.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DWX6Q6TDMK&gtm=45je4130v9117603054&_p=1704456059927&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1694924171.1704456060&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704456060&sct=1&seg=0&dl=https%3A%2F%2Fepicvidxpress.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=scroll&epn.percent_scrolled=90&_et=18&tfd=7394
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 12:01:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://epicvidxpress.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: epicvidxpress.top
URL: https://epicvidxpress.top/img/placeholder-img.png

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.epicvidxpress.top/	1970-01-21 03:03:36	Name: _ga Value: GA1.1.1694924171.1704456060
.epicvidxpress.top/	1970-01-21 03:03:36	Name: _ga_WLZL2VXMY6 Value: GS1.1.1704456059.1.0.1704456059.0.0.0
.epicvidxpress.top/	1970-01-21 03:03:36	Name: _ga_DWX6Q6TDMK Value: GS1.1.1704456060.1.0.1704456060.0.0.0
.epicvidxpress.top/	1970-01-21 02:49:12	Name: __gads Value: ID=22a021d9ab9efd27:T=1704456060:RT=1704456060:S=ALNI_MYOGoeEFx6TE6hIVlWHRpdqAYEd2w
.epicvidxpress.top/	1970-01-21 02:49:12	Name: __gpi Value: UID=00000d39e24ff2e5:T=1704456060:RT=1704456060:S=ALNI_MY2Ej-531twLTbHb1-BoFJheWG6Mw
.doubleclick.net/	1970-01-21 02:49:12	Name: IDE Value: AHWqTUm3uk4SzjnyJQuH59Qej0saCTl2Y-N5vgOSWfSPKzNLN_gxri1CcxGN37p7F4U
.googleadservices.com/	1970-01-20 19:37:12	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a48ddfbf39fe56ba666c456fa5b8c49.safeframe.googlesyndication.com
cdn.ampproject.org
csi.gstatic.com
epicvidxpress.top
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
icons.gamescdn.top
img.gamescdn.top
pagead2.googlesyndication.com
r3---sn-5hne6nsd.gvt1.com
redirector.gvt1.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
epicvidxpress.top
142.250.184.194
2001:4860:4802:32::36
2606:4700::6812:d20
2a00:1450:4001:801::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400d:802::2003
2a00:1450:400e:4::8
2a06:98c1:3121::3
03a9732a284ff72c3d00943622ed6373e3bb5e191e29a34067ac2ceda1ea82a3
05389fc73eefe0b2c5890c9795577f9928e5a79269814f439c5ad2f236f0b376
05df3cad76a1402f69aa2760864c0cd926d0851fb519f99c383436fe9d935afb
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
10a9496c968fb01e420759b953e1c683c7620261d4d04ae9a290d42dd63d4455
124cb2f0e41be1fd24ebed287f3f4b68b352e175682309e762e5be6e85d00af0
1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a
1c821299d2781dddc4b2c65be12e2fbc5bac2a2f0261b147213118b89e279268
2409a2c102ce0e6785c1189d06c2f2290c50942399f152bf5789b83e7ccd4040
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
27ed0c369b9828c02eaad94ce961e1f5600074534b5b6755dd5ce40b97da3245
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
2fe2f71f1264bb6e7e75300c6033e01c3bfa6906bdfb8b52af44e1f159d819c3
3057d28b021d09ed610a53bec6a454d9c52e533b42de3a7bd98785e18b6ef6bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329a3ac535ea6351a75f9874f54f30e0399f4ed157ed3359b1dfa927715c0138
32b91d5ec02be7ce67c27600475672174cdac50359fcac8ea859ff99026a361b
36a0a6c8008edba3f4e4395cac75825207ff3aaccab1942043c07eac4c544490
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4217d79c81940cb5c94fbcbc0ea862f63ceea169b26cebd2819fd6e8016ff398
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48679aa4e044572045a5b00006dd7da050406d75f3c258f14430fbcd21143e5d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dcaeddd646fbacc2222460871c640fd6aaf14665e48707b9c7d0175c93b13b6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dd9eed726a8798e11f15fcce5cd244bb49ecc3d2c89086b9b2c77dfc257773
58b0a3cd52f5153bcb4618dff7d7ae18cdb8172ecffd1fd1cb3299ada1399a0a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce837de165c4c112d0b7f68db8f99d0aef1a0f07beb96190e879553f2c50c46
611f7b2548a11963f63d9994b153cdd1398d5c002e32796bfcb7447bcf900735
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
651ed70430e4737f1f0e1a434885775eff39dd4c2ca12aabfef27c8420d57118
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68e8b48c8436c872a110764de5c6d920ed936f3a68cb133e50a5338e93bc8c09
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
7861d93d06289bda52f2433d5ff400696bbb42ba1f6244d23edcaabf4bd523e6
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7e7e5c0747f275579862e6ad01ad34cfcf8f686d707080b94f1b1794e8be05d3
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8eea61d19aa7b20d21b6399accd3ffd71bba489a914d16918d6dc5f247ee3f18
95232335bdfd81a894d671bfc27dbe02b625b2f55db681a0371cb64641f77e28
97673b17dbfe222c6e3cb6ac91acd9e29423b0df11e0b346d3334f51f45853f0
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9f38e2ea23de8b6a4211d06f9cc7ab9d9a6648089807932d37955535567a5b17
ab6d62afefb8b82d4dc908c6ae42f243484be1f61a6edda9861264531fed55be
b067331ad1876e66c4d8326689e20dbae9756d951e8df5c32352213c9041dd33
b2b97daa2380d8a23680dfe47ccf05bae6fe46776c27252e407c0883a9b8a8c0
b972da1f9da0a7237139330c766844fb6b62defe8795c06e8549842aaa0d67e6
bdf4435732ca3ed3cf58319b21f06687291769c50aadf9307308643509b4d8a5
c3bac454398b9ab6b0b7f6ca6a4c373a6283518c42f5c1666c440d57a1b3c9ed
c6019cbd552c7084cd15a88c1e0e6cf6037ccfb48a671e4a84d2355305cde74d
c6817017ea726813a03949e064003f0913f4b21e50cb7b44cd11be68bab3f2cf
c8cca5b91e945e4f7e73fa2b6e1e196e890c26b4d06fc2ebf410a212436c41c9
cad52abe3cbc69d127f3edc0c0572fb98632d6eb224ee789a97aefcac74cbc6f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d1fee0e275eff6d223e9845ca7aee343e0f4ea7b74b8e33b3b37088e559fce0b
d43cc8bc9ef109d38cd66460dc6c3e853070dbb067d70448c9dc0ff30d9fa41d
d888389dfe8da504b233c3698d941ebbf649bfd865d100e4f5b18c28b95a944a
db44d8504bfbf14188282273e766e931080ff6f79fdaa7c22131180e08f095a4
dd0e864bd7605658db1930286ef3ade510f8e61bacf8300b2e55ebd652cf6015
dfaadf1b4a2467226eca2424d6025d32d3b3eb404922b49ae53e7c98fa8fd3c8
e0ac2d7c621ca4a369aa66c1671bff5aad25e4c8646a6893bfc712f12ac1d8aa
e2c1c288a0340f9a2b10517d1eece34605ff15ceb0ac8fe3e48d9ad6d9bd7712
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48674b241f95ad53f6658a3f4250964ad6d79634b4143c27776e2d111990e93
eba9b16c03039a33cee52098bc6e98ef6db42f6dfd73375b4a57d467f6c472cb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f116dab807b0851d1ed064614bb23ccb0ae6eca2ffe0e55772338f74523e6d04
f5fe697231799e673cc4c803efdd485944bd2801821c14dc197d227b53b6e3e2
f6f98694f7389af1070549544728075f0941676b00d2a8932551f632d15c3c97
f95947207b92a2bbc58bc796f047170d841ca463b1e5111afb4357236638b069
fb914ac5557187fecf29dbaa36ccff8393133e8eff5ebdedcc610f5775f3a719
ffeec111a9a35e15a6388676b81ce7543deb5f3d4306399abebe5fd2f72f5928

epicvidxpress.top Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

97 %HTTPS

94 %IPv6

13 Domains

20 Subdomains

18 IPs

3 Countries

2195 kBTransfer

3871 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

epicvidxpress.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

97 %
HTTPS

94 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

2195 kB
Transfer

3871 kB
Size

7
Cookies

100 HTTP transactions
3 data transactions