th.y8.com Open in urlscan Pro
161.35.246.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/42OMkwc
Effective URL:
https://th.y8.com/games/body_race
Submission: On September 29 via manual (September 29th 2023, 10:58:19 am UTC) from TH — Scanned from DE

Summary HTTP 245 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 48 domains to perform 245 HTTP transactions. The main IP is 161.35.246.134, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is th.y8.com. The Cisco Umbrella rank of the primary domain is 569730.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.

This is the only time th.y8.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.11 67.199.248.11	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	161.35.246.134 161.35.246.134	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
39	212.102.56.166 212.102.56.166	60068 (CDN77 ^_^) (CDN77 ^_^)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	23.45.238.53 23.45.238.53	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.236.66.218 104.236.66.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	156.146.33.2 156.146.33.2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:9000:211... 2600:9000:211e:a000:5:4275:8dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
1	18.193.11.140 18.193.11.140	16509 (AMAZON-02) (AMAZON-02)
1 6	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 4	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.249.150.14 34.249.150.14	16509 (AMAZON-02) (AMAZON-02)
3	89.149.192.193 89.149.192.193	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.29.101.205 52.29.101.205	16509 (AMAZON-02) (AMAZON-02)
3	3.64.91.193 3.64.91.193	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.55 13.224.189.55	16509 (AMAZON-02) (AMAZON-02)
8	54.195.243.149 54.195.243.149	16509 (AMAZON-02) (AMAZON-02)
7	63.35.62.205 63.35.62.205	16509 (AMAZON-02) (AMAZON-02)
1	146.190.225.138 146.190.225.138	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	188.166.66.250 188.166.66.250	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	99.86.4.47 99.86.4.47	16509 (AMAZON-02) (AMAZON-02)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225a:6000:17:cf8d:4bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.51.37.68 52.51.37.68	16509 (AMAZON-02) (AMAZON-02)
1	54.154.17.207 54.154.17.207	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2250:e200:4:cd76:8580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.107 99.86.4.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
4 15	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.169 213.155.156.169	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.117.145 35.157.117.145	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:400a:800::2003	15169 (GOOGLE) (GOOGLE)
2	104.18.24.18 104.18.24.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.198.87.254 18.198.87.254	16509 (AMAZON-02) (AMAZON-02)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
3	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	52.211.144.29 52.211.144.29	16509 (AMAZON-02) (AMAZON-02)
245	60

1 67.199.248.11 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 161.35.246.134 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

th.y8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 212.102.56.166 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 283200969.fra.cdn77.com

img.y8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.238.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-53.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.236.66.218 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: matomomysql2.nyc3.y8.net

matomo.y8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.146.33.2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 150299569.fra.cdn77.com

cdn.y8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a000:5:4275:8dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

html5.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.11.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-11-140.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

adsparc-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.26.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.150.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-150-14.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.149.192.193 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.101.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-101-205.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.91.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-91-193.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-55.fra2.r.cloudfront.net

html5.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.195.243.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com

msgrt.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.35.62.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-62-205.eu-west-1.compute.amazonaws.com

game.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.atom.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.190.225.138 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: playtomicfront1.ams3.y8.net

playtomic.y8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.166.66.250 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: web2.ams3.y8.net

account.y8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-47.fra6.r.cloudfront.net

cdn.gamemonkey.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ana.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225a:6000:17:cf8d:4bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

pm.azerioncircle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.37.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-37-68.eu-west-1.compute.amazonaws.com

tracker.gamemonkey.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.17.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-17-207.eu-west-1.compute.amazonaws.com

tracker-v4.gamedock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:e200:4:cd76:8580:93a1 (United States)

ASN16509 (AMAZON-02, US)

hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-107.fra6.r.cloudfront.net

img.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.169 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.117.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:800::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.87.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-87-254.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.144.29 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-144-29.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
65	y8.com th.y8.com — Cisco Umbrella Rank: 569730 img.y8.com — Cisco Umbrella Rank: 98372 matomo.y8.com — Cisco Umbrella Rank: 117438 cdn.y8.com — Cisco Umbrella Rank: 105908 playtomic.y8.com — Cisco Umbrella Rank: 114988 account.y8.com — Cisco Umbrella Rank: 83726	1 MB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169	430 KB
29	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	331 KB
18	gamedistribution.com html5.gamedistribution.com — Cisco Umbrella Rank: 50168 html5.api.gamedistribution.com — Cisco Umbrella Rank: 51290 msgrt.gamedistribution.com — Cisco Umbrella Rank: 46026 game.api.gamedistribution.com — Cisco Umbrella Rank: 52184 tag.atom.gamedistribution.com — Cisco Umbrella Rank: 46201 img.gamedistribution.com — Cisco Umbrella Rank: 60984	177 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	73 KB
7	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 657 fonts.googleapis.com — Cisco Umbrella Rank: 113	360 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 803 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 781 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1026	5 KB
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 360 acdn.adnxs.com — Cisco Umbrella Rank: 960	21 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 11	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	110 KB
4	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 3884 c1.adform.net — Cisco Umbrella Rank: 954	2 KB
3	headerlift.com ana.headerlift.com — Cisco Umbrella Rank: 51907 pub.headerlift.com — Cisco Umbrella Rank: 48719	1 KB
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1680	460 B
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 2163	2 KB
3	360yield.com ice.360yield.com — Cisco Umbrella Rank: 2683	930 B
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1153	395 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	2 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 429	2 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1069 cdn.indexww.com — Cisco Umbrella Rank: 2483	2 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 637	297 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1562	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1432 r.turn.com — Cisco Umbrella Rank: 6191	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 2022	453 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 7132	655 B
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 51511 ius.ctnsnet.com — Cisco Umbrella Rank: 13762	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	115 KB
2	improvedigital.com hb.improvedigital.com — Cisco Umbrella Rank: 46750	232 KB
2	gamemonkey.org cdn.gamemonkey.org — Cisco Umbrella Rank: 69088 tracker.gamemonkey.org — Cisco Umbrella Rank: 40978	12 KB
2	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1511 x.bidswitch.net — Cisco Umbrella Rank: 614	506 B
2	openx.net adsparc-d.openx.net — Cisco Umbrella Rank: 161462 u.openx.net — Cisco Umbrella Rank: 1024	465 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 970 eb2.3lift.com — Cisco Umbrella Rank: 713	708 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1417	759 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 1186	187 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 10446
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	464 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 910	363 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2164	587 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	544 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	17 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 558	9 KB
1	gamedock.io tracker-v4.gamedock.io — Cisco Umbrella Rank: 52895
1	azerioncircle.com pm.azerioncircle.com — Cisco Umbrella Rank: 53829	50 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 668	17 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 4286	361 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 6347	287 B
0	1rx.io Failed tag.1rx.io Failed
0	districtm.io Failed dmx.districtm.io Failed cdn.districtm.io Failed
245	48

	Domain	Requested by
39	img.y8.com	th.y8.com img.y8.com
26	pagead2.googlesyndication.com	th.y8.com securepubads.g.doubleclick.net html5.api.gamedistribution.com tpc.googlesyndication.com pagead2.googlesyndication.com imasdk.googleapis.com googleads.g.doubleclick.net
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com th.y8.com pagead2.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net
16	th.y8.com	th.y8.com img.y8.com
15	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	msgrt.gamedistribution.com	html5.api.gamedistribution.com
7	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
6	ib.adnxs.com	1 redirects img.y8.com acdn.adnxs.com
6	securepubads.g.doubleclick.net	th.y8.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	fonts.googleapis.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tag.atom.gamedistribution.com	html5.api.gamedistribution.com
4	account.y8.com	cdn.y8.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	btlr.sharethrough.com	img.y8.com
3	prg.smartadserver.com	img.y8.com
3	ice.360yield.com	img.y8.com
3	onetag-sys.com	img.y8.com
3	cdn.y8.com	th.y8.com cdn.y8.com
2	dpm.demdex.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	csi.gstatic.com	securepubads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net ssum-sec.casalemedia.com
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	um.simpli.fi	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	imasdk.googleapis.com	html5.api.gamedistribution.com imasdk.googleapis.com
2	hb.improvedigital.com	html5.api.gamedistribution.com hb.improvedigital.com
2	ana.headerlift.com	html5.api.gamedistribution.com
2	game.api.gamedistribution.com	html5.api.gamedistribution.com
2	adx.adform.net	img.y8.com
2	matomo.y8.com	th.y8.com matomo.y8.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	pixel-sync.sitescout.com	ssum-sec.casalemedia.com
1	ad4m.at	ssum-sec.casalemedia.com
1	x.bidswitch.net
1	acdn.adnxs.com	img.y8.com
1	eb2.3lift.com	img.y8.com
1	js-sec.indexww.com	img.y8.com
1	u.openx.net	img.y8.com
1	ius.ctnsnet.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	dis.criteo.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.jsdelivr.net	hb.improvedigital.com
1	pub.headerlift.com	hb.improvedigital.com
1	img.gamedistribution.com
1	tracker-v4.gamedock.io	html5.api.gamedistribution.com
1	tracker.gamemonkey.org	cdn.gamemonkey.org
1	pm.azerioncircle.com	html5.api.gamedistribution.com
1	cdn.gamemonkey.org	html5.api.gamedistribution.com
1	e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	playtomic.y8.com	cdn.y8.com
1	html5.api.gamedistribution.com	html5.gamedistribution.com
1	grid.bidswitch.net	img.y8.com
1	htlb.casalemedia.com	img.y8.com
1	adsparc-d.openx.net	img.y8.com
1	tlx.3lift.com	img.y8.com
1	ssl.google-analytics.com	th.y8.com
1	html5.gamedistribution.com	img.y8.com
1	s7.addthis.com	th.y8.com
1	bit.ly	1 redirects
0	cdn.districtm.io Failed	img.y8.com
0	tag.1rx.io Failed	img.y8.com
0	dmx.districtm.io Failed	img.y8.com
245	78

This site contains links to these domains. Also see Links.

Domain
www.y8.com
twitter.com
www.instagram.com
www.facebook.com
forum.y8.com
ru.y8.com
fr.y8.com
de.y8.com
it.y8.com
el.y8.com
he.y8.com
hi.y8.com
ro.y8.com
es.y8.com
tl.y8.com
zh.y8.com
nl.y8.com
vi.y8.com
tr.y8.com
pt.y8.com
pl.y8.com
ko.y8.com
ja.y8.com
id.y8.com
ar.y8.com
cryptoserval.io
discord.gg

Subject Issuer	Validity	Valid
y8.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
gamedistribution.com Amazon RSA 2048 M02	`2023-08-20` - `2024-09-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
gamemonkey.org Amazon RSA 2048 M01	`2023-04-26` - `2024-05-24`	a year	crt.sh
headerlift.com E1	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.azerioncircle.com Amazon RSA 2048 M02	`2023-09-10` - `2024-10-08`	a year	crt.sh
improvedigital.com Amazon RSA 2048 M01	`2023-03-06` - `2024-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://th.y8.com/games/body_race
Frame ID: 03A5B5FFBE33D5B611F56C09826133A4
Requests: 93 HTTP requests in this frame

Frame: https://html5.gamedistribution.com/cc4dc9fdf2494c2dab15ff17678d9602/?gd_sdk_referrer_url=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&key=y8&value=default
Frame ID: 6E0F120F43B62A0CDBD36D83E97A9B51
Requests: 44 HTTP requests in this frame

Frame: https://cdn.y8.com/Xd/xd_handler.html?version=44&xdm_e=https%3A%2F%2Fth.y8.com&xdm_c=id_xd_api&xdm_p=1
Frame ID: 8CC2908EFCB7F0C92CE707C13C3C3D79
Requests: 4 HTTP requests in this frame

Frame: https://e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A13D55E1C2B3F125F0BFFCBC9114F685
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B93320F2848B4AA4A1B3395359ADA3D0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EFA86A8CF1CF0C7AA8EFCA467825FA0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html
Frame ID: E3FB927D1E41B9BC10A5CD99B028A0F4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html
Frame ID: B7E6A39B86FE8E76DB9B2C2DCB06F799
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 60F22BDDC1A61AF60E5C418EC9F13B99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&adk=1812271804&adf=3279755397&plat=1%3A16777728%2C2%3A16777728%2C3%3A66048%2C4%3A66048%2C8%3A512%2C9%3A33280%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&channel=4089988593&format=0x0&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093137&bpp=3&bdt=649&idt=220&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&nras=1&correlator=5705232052806&rume=1&frm=24&ife=1&pv=2&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.qpyx2jtlbm5e&fsb=1&dtd=233
Frame ID: 101DDB7BBD8F4139CA0271B8DDE67F30
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs
Frame ID: 2C16C9BEA263AC654D3EC02CC12FA5FA
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2A56207ACDDCAA00C44DBC3E7550910E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D16D7A2D742FD4DBCC7E54395E0D8B2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=2873238072&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093753&bpp=2&bdt=1264&idt=2&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lknzhm10vs68&fsb=1&dtd=5
Frame ID: 1A77F63DD099DE19BA4B1EBFBFA788F7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3
Frame ID: 079C9CA1D1C538B39D097FA144A8F074
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 298462A52A5C9CCECE66B96954881E53
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C01CD83A4455401629CA2849BF8939D2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86EEB7295126BDC0760AB5431892D11B
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019
Frame ID: 84F6F1B7908F347EBA853EEE95397CE2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D7CDACF98EF7C093BA17112C768428F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DE8A6896D67AD5781256803B18457A5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Frame ID: 358197915DC5A5A0E85AA5061710AAD1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js
Frame ID: 6FBF4CB145A2354A087F59180E9BD780
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 32B1EF4CE9AF4D86297CE3928654A08C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1695985092536
Frame ID: EDD7D8F20C7A2883EE2589E131F260E3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: DD30995D1B82C6552F0EAC7CA9CF0523
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 28B7295099C145D0D4B290D2110E6A61
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9EAE2BF69A316297CB303DC23BCC0AC6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B27F54949C18EDFBA3A5A4636658E1DB
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D4BF4EDC83ED76AF9B572896E3BAE791
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

เกม Body Race - เล่นออนไลน์ที่ Y8.com

Page URL History Show full URLs

https://bit.ly/42OMkwc HTTP 301
https://th.y8.com/games/body_race Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

245
Requests

92 %
HTTPS

34 %
IPv6

48
Domains

78
Subdomains

60
IPs

10
Countries

3008 kB
Transfer

8066 kB
Size

40
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.y8.com/games/military_wars_3d_multiplayer
Title: Military Wars 3D Multiplayer

Search URL Search Domain Scan URL

URL: https://twitter.com/y8_com
Title: ติดตามเรา

Search URL Search Domain Scan URL

URL: https://www.instagram.com/y8.games/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Y8-Games-225100494185683/
Title: ติดตามเรา

Search URL Search Domain Scan URL

URL: https://forum.y8.com/
Title: ฟอรั่ม

Search URL Search Domain Scan URL

URL: https://www.y8.com/games/body_race
Title: English

Search URL Search Domain Scan URL

URL: https://ru.y8.com/games/body_race
Title: Руcский

Search URL Search Domain Scan URL

URL: https://fr.y8.com/games/body_race
Title: Français

Search URL Search Domain Scan URL

URL: https://de.y8.com/games/body_race
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://it.y8.com/games/body_race
Title: Italiano

Search URL Search Domain Scan URL

URL: https://el.y8.com/games/body_race
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://he.y8.com/games/body_race
Title: עברית

Search URL Search Domain Scan URL

URL: https://hi.y8.com/games/body_race
Title: हिंदी

Search URL Search Domain Scan URL

URL: https://ro.y8.com/games/body_race
Title: Română

Search URL Search Domain Scan URL

URL: https://es.y8.com/games/body_race
Title: Español

Search URL Search Domain Scan URL

URL: https://tl.y8.com/games/body_race
Title: Tagalog

Search URL Search Domain Scan URL

URL: https://zh.y8.com/games/body_race
Title: 中文

Search URL Search Domain Scan URL

URL: https://nl.y8.com/games/body_race
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://vi.y8.com/games/body_race
Title: Việt

Search URL Search Domain Scan URL

URL: https://tr.y8.com/games/body_race
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://pt.y8.com/games/body_race
Title: Português

Search URL Search Domain Scan URL

URL: https://pl.y8.com/games/body_race
Title: Polski

Search URL Search Domain Scan URL

URL: https://ko.y8.com/games/body_race
Title: 한국어

Search URL Search Domain Scan URL

URL: https://ja.y8.com/games/body_race
Title: 日本語

Search URL Search Domain Scan URL

URL: https://id.y8.com/games/body_race
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://ar.y8.com/games/body_race
Title: العربية

Search URL Search Domain Scan URL

URL: https://cryptoserval.io/
Title: ลองเกม CryptoServal เกม NFT สนับสนุนโดย Y8.com

Search URL Search Domain Scan URL

URL: https://discord.gg/ba9yXhj
Title: Discord

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/42OMkwc HTTP 301
https://th.y8.com/games/body_race Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 198

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOIsc9mwDWrUgnOi30aCorc&google_cver=1&google_push=AXcoOmT6qwzqrFelhYAbm3r-37pDdFS9-tQYaprCdEORguhdYKwECG6q5KhCyMZ6V-HUFsjV8trf2T22gUSKvGHDwOks5aAsjnOTNt2I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOIsc9mwDWrUgnOi30aCorc&google_push=AXcoOmT6qwzqrFelhYAbm3r-37pDdFS9-tQYaprCdEORguhdYKwECG6q5KhCyMZ6V-HUFsjV8trf2T22gUSKvGHDwOks5aAsjnOTNt2I

Request Chain 199

https://um.simpli.fi/gp_match?google_gid=CAESEKTIfIh6bB2X2k1MxsL6fYg&google_cver=1&google_push=AXcoOmTtkiTsPImP7vqVxmYDR7h0Biecx7-OacMEjGSHe7G2WD2JEQC-8gjvM1FfGRKZ-UHbqgNzLJyCN6QeFugg9wZXGfASixLfSP4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmTtkiTsPImP7vqVxmYDR7h0Biecx7-OacMEjGSHe7G2WD2JEQC-8gjvM1FfGRKZ-UHbqgNzLJyCN6QeFugg9wZXGfASixLfSP4

Request Chain 200

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJN0ObrqVr1urWPhn2kE0wc&google_cver=1&google_push=AXcoOmSdA3n4AP-ARpEeJ_o5OyvEn2LXR0oT9F8MLxGQ4nQDT53C2oje6mdC8NF0Tr5OizZDmNNSxU2by-iqMi2pQBYdZ_M81txm7RMf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSdA3n4AP-ARpEeJ_o5OyvEn2LXR0oT9F8MLxGQ4nQDT53C2oje6mdC8NF0Tr5OizZDmNNSxU2by-iqMi2pQBYdZ_M81txm7RMf&google_hm=TsQidrS0T1-cTsm4fM4ei0o

Request Chain 201

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECk64G0k_aTjlI6eYMDHh38&google_cver=1&google_push=AXcoOmROBqyjQKGPT_WEVKYqyiF9vPKHe1ZUszsvFhh1LIsrGwktUvKnO6NU60VZep8VtCzaanWH1c6aJxf3wUJZpdLVSb991v3N5E4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwMDUxMzI0NTM0NTk0Mw%3D%3D&google_push=AXcoOmROBqyjQKGPT_WEVKYqyiF9vPKHe1ZUszsvFhh1LIsrGwktUvKnO6NU60VZep8VtCzaanWH1c6aJxf3wUJZpdLVSb991v3N5E4

Request Chain 202

https://d5p.de17a.com/cookies/google?google_gid=CAESEJyIuVg5CRCQ0-rt95m7Y8I&google_cver=1&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR7YycGIZy- HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJyIuVg5CRCQ0-rt95m7Y8I&google_cver=1&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR7YycGIZy- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR7YycGIZy-

Request Chain 204

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEH4nMPAuQusoGs6gwudUzcc&google_cver=1&google_push=AXcoOmRKhrZOb09Gmjzu7iR5BUFH3usnnH7FZt8hwVM6E51GCHX_e6iN_-F74uvwN_2aF5CkK73L1f979ihk_ZaJYEBCG1KezFH33vJGBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRKhrZOb09Gmjzu7iR5BUFH3usnnH7FZt8hwVM6E51GCHX_e6iN_-F74uvwN_2aF5CkK73L1f979ihk_ZaJYEBCG1KezFH33vJGBw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 206

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 212

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIPg3DsPv8CyZsTgmD59iLc&google_cver=1&google_push=AXcoOmSmnQ_WmoZ8CaABEnbDI7-Va4ADbQjAJlVIJsd8aPReq0XPGPfEv5zFsUmYw3oPNx6haodqvcjzrlQl3fsrfFzdF825UZi-Syi6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ5Mjc2MjA1MDIxNDEwMjAzOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPg3DsPv8CyZsTgmD59iLc&google_cver=1

Request Chain 214

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cver=1&google_push=AXcoOmQrqEV0KHRqltXXIGDzBjEU4dI1lynliJG-BT8ci0pMhvVnv-Qol9IO0P6j-o_vC1ZgWKV3bSvMuB1c8eSKQ6dQYTCBeE_uRBaP HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cver=1&google_push=AXcoOmQrqEV0KHRqltXXIGDzBjEU4dI1lynliJG-BT8ci0pMhvVnv-Qol9IO0P6j-o_vC1ZgWKV3bSvMuB1c8eSKQ6dQYTCBeE_uRBaP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFNBZ0JQSUYxUU1iY2k1&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cver=1&google_push=AXcoOmQrqEV0KHRqltXXIGDzBjEU4dI1lynliJG-BT8ci0pMhvVnv-Qol9IO0P6j-o_vC1ZgWKV3bSvMuB1c8eSKQ6dQYTCBeE_uRBaP

Request Chain 215

https://um.simpli.fi/gp_match?google_gid=CAESEKTIfIh6bB2X2k1MxsL6fYg&google_cver=1&google_push=AXcoOmQAkV_9yJgv3ubw9JnXag9E8oPto6S-APK37ckHI7igattVdgpZurF877x3ssA4TFexkuyKKnYq6-aKlv4DPI9vkzHxltyNFXO3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmQAkV_9yJgv3ubw9JnXag9E8oPto6S-APK37ckHI7igattVdgpZurF877x3ssA4TFexkuyKKnYq6-aKlv4DPI9vkzHxltyNFXO3

Request Chain 217

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBYrixLSwCP7G7x-11YIpd4&google_cver=1&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J4QypkdRc9DbkJsyprEZnAUBMRF HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBYrixLSwCP7G7x-11YIpd4&google_cver=1&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J4QypkdRc9DbkJsyprEZnAUBMRF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzY0NDQyNDM0ODk4OTIxNg&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J4QypkdRc9DbkJsyprEZnAUBMRF

Request Chain 218

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEACVIyDeNAicA2RuQKR57-s&google_cver=1&google_push=AXcoOmSs7I5KzwsFATjGHPvN28Z4fQmVG5SnSgwwhffu6pR2JHdFa29DPTYYCiQDXRYbB1CWJA9d0to3ZGz5RRV_I5yWKCnK32ZjTMyxiQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSs7I5KzwsFATjGHPvN28Z4fQmVG5SnSgwwhffu6pR2JHdFa29DPTYYCiQDXRYbB1CWJA9d0to3ZGz5RRV_I5yWKCnK32ZjTMyxiQ&google_hm=TsQidrS0T1-cTsm4fM4ei0o

Request Chain 222

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 237

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 238

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 239

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 241

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENZUVA07PRpGEfcG7Ziv1io&google_cver=1

Request Chain 242

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRatx.zhu3F2hU6t4P1hTQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAyaKCVX1TebaYfwu443i-0&google_cver=1&google_hm=2

Request Chain 245

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730036173508

Request Chain 246

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZRatx.zhu3F2hU6t4P1hTQAA%261167?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRatx.zhu3F2hU6t4P1hTQAA%261167

245 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request body_race Show response
th.y8.com/games/
Redirect Chain

https://bit.ly/42OMkwc
https://th.y8.com/games/body_race

543 KB
107 KB

494ms
384ms

Document
text/html

161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

39a0beccdfc7f49006b149fac3ada88e4d2c2f23cbb1f623abfc1e6710f558ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=7200, public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 10:58:11 GMT
etag: W/"39a0beccdfc7f49006b149fac3ada88e"
origin-agent-cluster: ?0
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15552000
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ef401fe7-be25-48b9-bbdc-17cb4694a0f4
x-rll: 1
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 120
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 10:58:11 GMT
location: https://th.y8.com/games/body_race
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 KFOkCnqEu92Fr1Mu51xGIzIXKMnyrYk-1c68af6222f02fc9889a84b0a441a08dcb5277654c794f12c652ec8aa6ee738b.woff2
img.y8.com/assets/Roboto/ 0
9 KB 82ms
16ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOkCnqEu92Fr1Mu51xGIzIXKMnyrYk-1c68af6222f02fc9889a84b0a441a08dcb5277654c794f12c652ec8aa6ee738b.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:11 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780252
content-length: 8756
x-77-nzt: A9RmOKWWEAr/Z2ISAIrHJcELPcj/PQAAAI/0Otgta/z/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2234"
x-77-nzt-ray: c94de1100c7f08c7c3ad166578b2f539
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny-2e364314aeb354ef013856c8a481bbe58fe2d3b42eebf2e393f3919a96dc86bb.woff2
img.y8.com/assets/Roboto/ 0
13 KB 92ms
27ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOkCnqEu92Fr1Mu51xIIzIXKMny-2e364314aeb354ef013856c8a481bbe58fe2d3b42eebf2e393f3919a96dc86bb.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:11 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204838
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 12684
x-77-nzt: A9RmOKUmZ33/ZmISANRmOAGiVin/PQAAAI/0OowAre3/BQAAAA
x-accel-expires: @1726316251
x-77-age: 1204838
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-318c"
x-77-nzt-ray: c94de1100c7f08c7c3ad1665ce25fa39
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:17 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc0CsTYl4BOQ3o-ea55bf3a4c7df0b89d2621d00ede5ac11fcff8d141c73bfd73b719fdb4a35ab3.woff2
img.y8.com/assets/Roboto/ 0
9 KB 17ms
15ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOjCnqEu92Fr1Mu51S7ACc0CsTYl4BOQ3o-ea55bf3a4c7df0b89d2621d00ede5ac11fcff8d141c73bfd73b719fdb4a35ab3.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:11 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204838
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 8772
x-77-nzt: A9RmOKXQYcv/ZmISAJySIScV03D/PQAAAI/0Oti9uhT/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204838
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2244"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665bf0b0000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO-4d573eeb3047adbef9f92657e2731f1972ebd34da05d009f6b9311a7747b01bc.woff2
img.y8.com/assets/Roboto/ 0
13 KB 20ms
17ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO-4d573eeb3047adbef9f92657e2731f1972ebd34da05d009f6b9311a7747b01bc.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:11 GMT
strict-transport-security: max-age=15552000
x-age-lb: 60, 1204838
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 12732
x-77-nzt: A9RmOKV8uRP/ZmISANRmOJxH2aX/PAAAAI/0Osj1tXz/BQAAAA
x-accel-expires: @1726316252
x-77-age: 1204838
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-31bc"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665f0be0300
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic0CsTYl4BOQ3o-1c06dd2182d63370cf2361ff0f6609321a9aacadc22e3e903f7f27f7a0ac00a0.woff2
img.y8.com/assets/Roboto/ 0
9 KB 21ms
19ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOjCnqEu92Fr1Mu51TzBic0CsTYl4BOQ3o-1c06dd2182d63370cf2361ff0f6609321a9aacadc22e3e903f7f27f7a0ac00a0.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:11 GMT
strict-transport-security: max-age=15552000
x-age-lb: 60, 1204838
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 8732
x-77-nzt: A9RmOKXhL1P/ZmISANRmOAnfk4z/PAAAAI/0OpX2ad3/BQAAAA
x-accel-expires: @1726316252
x-77-age: 1204838
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-221c"
x-77-nzt-ray: c94de1100c7f08c7c4ad16654bb80600
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO-fce4150b84832876cea771522f5badde33fd1aa584575b1da5ce27ffa2d0cbc3.woff2
img.y8.com/assets/Roboto/ 0
13 KB 24ms
22ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO-fce4150b84832876cea771522f5badde33fd1aa584575b1da5ce27ffa2d0cbc3.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:11 GMT
strict-transport-security: max-age=15552000
x-age-lb: 60, 1204838
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 12724
x-77-nzt: A9RmOKWb/CT/ZmISANRmOAHTr5L/PAAAAI/0Ot02tnT/BQAAAA
x-accel-expires: @1726316252
x-77-age: 1204838
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-31b4"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665161d0900
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz-ec61f28896616164bf95907900061e38917935bb25c3661943ebd9bdccebd100.woff2
img.y8.com/assets/Roboto/ 0
8 KB 30ms
28ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz-ec61f28896616164bf95907900061e38917935bb25c3661943ebd9bdccebd100.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 7736
x-77-nzt: A9RmOKWFUyf/Z2ISANRmOJxaE0r/PQAAAI/0Ot2MvIT/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-1e38"
x-77-nzt-ray: c94de1100c7f08c7c4ad166530ba0b00
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg-a69138ffd0f0223793b2c2ade4f531bb653668af83686b9f0620d66bc9e543a7.woff2
img.y8.com/assets/Roboto/ 0
11 KB 32ms
30ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg-a69138ffd0f0223793b2c2ade4f531bb653668af83686b9f0620d66bc9e543a7.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 11028
x-77-nzt: A9RmOKW9TUf/Z2ISANRmOJmT4kv/PQAAAI/0OpUhA4L/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2b14"
x-77-nzt-ray: c94de1100c7f08c7c4ad16651b4d0e00
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP-175df782ab3c0a817fa987427dfe5cd2a9a065f6c933d462587d446147d3b095.woff2
img.y8.com/assets/Roboto/ 0
8 KB 33ms
31ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP-175df782ab3c0a817fa987427dfe5cd2a9a065f6c933d462587d446147d3b095.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 7676
x-77-nzt: A9RmOKWKRIH/Z2ISANRmOJx/RGf/PQAAAI/0Ot0/qi//BQAAAA
x-accel-expires: @1726316251
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-1dfc"
x-77-nzt-ray: c94de1100c7f08c7c4ad166553da1000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ-a99ad93b4199b8adf117cde98a8ac35e90d0af149a03c63b53bb35ecaa8ed8b7.woff2
img.y8.com/assets/Roboto/ 0
11 KB 33ms
31ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ-a99ad93b4199b8adf117cde98a8ac35e90d0af149a03c63b53bb35ecaa8ed8b7.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 11072
x-77-nzt: A9RmOKWolNH/Z2ISANRmOBEVcsn/PQAAAI/0OpX6vNn/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2b40"
x-77-nzt-ray: c94de1100c7f08c7c4ad166546431200
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP-659f1f22d3e77c433b4cc35aee81f231339774b11488dcdf14578a7d35046837.woff2
img.y8.com/assets/Roboto/ 0
8 KB 33ms
32ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP-659f1f22d3e77c433b4cc35aee81f231339774b11488dcdf14578a7d35046837.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 7676
x-77-nzt: A9RmOKUIQWD/Z2ISANRmOJl0gp3/PQAAAI/0OpWfuFH/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-1dfc"
x-77-nzt-ray: c94de1100c7f08c7c4ad16650f861300
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ-d9275135124c4b8b42b4d1dc397e3721b36a7489009a740d535eae07718bd0d6.woff2
img.y8.com/assets/Roboto/ 0
11 KB 34ms
32ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ-d9275135124c4b8b42b4d1dc397e3721b36a7489009a740d535eae07718bd0d6.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 60, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 11040
x-77-nzt: A9RmOKVfQIH/Z2ISANRmOJyKhkj/PAAAAI/0Ot06jXn/BQAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2b20"
x-77-nzt-ray: c94de1100c7f08c7c4ad16656da21400
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTQ3j6zbXWjgeg-d1bc99418e071a7b8049643660e7ee0e89ed7a67b58146a2bb915f4825c0d85e.woff2
img.y8.com/assets/Nunito/ 0
14 KB 34ms
32ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Nunito/XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTQ3j6zbXWjgeg-d1bc99418e071a7b8049643660e7ee0e89ed7a67b58146a2bb915f4825c0d85e.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 101, 1204299
x-77-cache: HIT
x-accel-date: 1694780793
content-length: 14164
x-77-nzt: A9RmOKU8Dm3/S2ASANRmOBFVimD/ZQAAAI/0OthbFKb/BAAAAA
x-accel-expires: @1726316782
x-77-age: 1204299
x-cache-lb: HIT, HIT
last-modified: Mon, 28 Aug 2023 12:23:24 GMT
server: CDN77-Turbo
etag: "64ec91bc-3754"
x-77-nzt-ray: c94de1100c7f08c7c4ad16651836ca00
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 12:26:13 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTo3j6zbXWjgevT5-f3a6b9845c5213ef519752157619e791da5734231d98c1caca127fe3a9659dee.woff2
img.y8.com/assets/Nunito/ 0
13 KB 34ms
32ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Nunito/XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTo3j6zbXWjgevT5-f3a6b9845c5213ef519752157619e791da5734231d98c1caca127fe3a9659dee.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 101, 1204299
x-77-cache: HIT
x-accel-date: 1694780793
content-length: 13000
x-77-nzt: A9RmOKX7NRb/S2ASAJySISPFCS3/ZQAAAI/0OpXlJ8n/BAAAAA
x-accel-expires: @1726316782
x-77-age: 1204299
x-cache-lb: HIT, HIT
last-modified: Mon, 28 Aug 2023 12:23:24 GMT
server: CDN77-Turbo
etag: "64ec91bc-32c8"
x-77-nzt-ray: c94de1100c7f08c7c4ad16658e5ecc00
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 12:26:13 GMT

GET
H2 200 fontello-c591e157650bfc1d44ef0f8808e1c5758150076ef521ae9ed2434713aaf03cef.woff2
img.y8.com/assets/ 0
27 KB 34ms
33ms Other
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/fontello-c591e157650bfc1d44ef0f8808e1c5758150076ef521ae9ed2434713aaf03cef.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 101, 1204299
x-77-cache: HIT
x-accel-date: 1694780793
content-length: 27020
x-77-nzt: A9RmOKWYzDX/S2ASANRmOAFAzcP/ZQAAAI/0OozBLkz/BAAAAA
x-accel-expires: @1726316782
x-77-age: 1204299
x-cache-lb: HIT, HIT
last-modified: Mon, 07 Aug 2023 11:32:41 GMT
server: CDN77-Turbo
etag: "64d0d659-698c"
x-77-nzt-ray: c94de1100c7f08c7c4ad16651ce8cd00
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 12:26:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 115ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd9b67010c15f50ddba56455deff2bb9002ea39a844a18c0e8879ac2ce596d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29371
x-xss-protection: 0
server: cafe
etag: 203 / 19629 / 31078219 / config-hash: 6693637385863441016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:12 GMT

GET
H2 200 gam_prebid-c71fc2162e1d90d8d246.js Show response
img.y8.com/packs/js/ads/ 270 KB
82 KB 60ms
22ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

bb4dbec7b8f174db5ef2141c08f8811679c0f1d5c940ed91754053b604a1bee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 1, 184403
x-77-cache: HIT
x-accel-date: 1695800689
x-77-nzt: A9RmOKWfSYb/U9ACAJySIS72+KL/AQAAAI/0OpWd+5eh
x-accel-expires: @1727336688
x-77-age: 184404
x-cache-lb: HIT, HIT
last-modified: Wed, 27 Sep 2023 07:26:48 GMT
server: CDN77-Turbo
etag: W/"6513d938-43602"
x-77-nzt-ray: c94de1100985a0c7c4ad16659a19ea01
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Thu, 26 Sep 2024 07:44:48 GMT

GET
H2 200 application-7079b07e4d7e82813054.js Show response
img.y8.com/packs/js/y8/ 436 KB
138 KB 70ms
32ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

8e3fb34d32c2aa9e326861db564657614f92712f8b18accdc3617ff39e21798e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 78, 233811
x-77-cache: HIT
x-accel-date: 1695751281
x-77-nzt: A9RmOKUtkFn/U5EDAJySIR+hHYv/TgAAAI/0Ot3fH1b/CAAAAA
x-accel-expires: @1727287195
x-77-age: 233897
x-cache-lb: HIT, HIT
last-modified: Tue, 26 Sep 2023 17:59:04 GMT
server: CDN77-Turbo
etag: W/"65131be8-6d1c5"
x-77-nzt-ray: c94de1100985a0c7c4ad166537614b02
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Wed, 25 Sep 2024 17:59:55 GMT

GET
H2 200 show-c484ec4d115e785093d0.js Show response
img.y8.com/packs/js/controllers/items/ 104 KB
29 KB 69ms
32ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/controllers/items/show-c484ec4d115e785093d0.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

4168acf5c1b8cb25f708cac02cf5042b9a09c7e20fd177a4ee766aa7fa88998c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 100, 872569
x-77-cache: HIT
x-accel-date: 1695112523
x-77-nzt: A9RmOKWYLHL/eVANAJySIS4iUdr/ZAAAAI/0Othn2Ab/BQAAAA
x-accel-expires: @1726648418
x-77-age: 872674
x-cache-lb: HIT, HIT
last-modified: Tue, 19 Sep 2023 08:32:36 GMT
server: CDN77-Turbo
etag: W/"65095ca4-1a0b9"
x-77-nzt-ray: c94de1100985a0c7c4ad166506ed4802
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Wed, 18 Sep 2024 08:33:38 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 110ms
72ms Fetch
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51045
x-xss-protection: 0
server: cafe
etag: 934830481546990326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:12 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 56 B
361 B 259ms
71ms Script
text/javascript 23.45.238.53
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.238.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-238-53.deploy.static.akamaitechnologies.com

Software

Oracle API Gateway /

Resource Hash

f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 29 Sep 2023 10:58:12 GMT
server: Oracle API Gateway
opc-request-id: /FCF318C4CE7EF6332B8DF5A00C1FAF1B/A610B62028C6A5EC7440B09B72AB25BC
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript
x-distribution: 99
x-host: s7.addthis.com
content-length: 76
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
matomo.y8.com/ 64 KB
24 KB 484ms
90ms Script
application/javascript 104.236.66.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.y8.com/matomo.js
Requested by: Host: th.y8.com
URL: https://th.y8.com/games/body_race
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.236.66.218 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: matomomysql2.nyc3.y8.net
Software: nginx /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: public
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 09:48:25 GMT
server: nginx
etag: W/"63e0cce9-10132"
content-type: application/javascript
cache-control: max-age=3600, public
expires: Fri, 29 Sep 2023 11:58:12 GMT

GET
H2 200 hamburger-c3fe8358b513e219aa93bfd93e7b3d57991bc5741038ed7db7e71d347db0c6ae.svg
img.y8.com/assets/svg/ 261 B
636 B 61ms
31ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/hamburger-c3fe8358b513e219aa93bfd93e7b3d57991bc5741038ed7db7e71d347db0c6ae.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

9772c112b97f3feb9ed595890bdc884483afd1d7f492d2799129fe7705884866

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 554334
x-77-cache: HIT
x-accel-date: 1695430758
x-77-nzt: A9RmOKUcRbf/XnUIAIrHJTR8oVChj/Q63TJzC9E
x-accel-expires: @1726966738
x-77-age: 554334
x-cache-lb: MISS, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-105"
x-77-nzt-ray: c94de1100985a0c7c4ad1665e806ed01
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 13:56:22 GMT

GET
H2 200 hamburger-active-03129c9dbc7bf62fc4cf3b24384c95eca4fafade56f0dfe54ce726cd8a718f2f.svg
img.y8.com/assets/svg/ 378 B
693 B 62ms
32ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/hamburger-active-03129c9dbc7bf62fc4cf3b24384c95eca4fafade56f0dfe54ce726cd8a718f2f.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e81f825fdcd70ca3c6ff75f5864b225a3fce6f6fa8d9ebc1b1c3b7ae5ac38e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 0, 540801
x-77-cache: HIT
x-accel-date: 1695444291
x-77-nzt: A9RmOKV/ih7/gUAIAIrHJcGMxp//AAAAAI/0OsjeCObR
x-accel-expires: @1726980282
x-77-age: 540801
x-cache-lb: HIT, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-17a"
x-77-nzt-ray: c94de1100985a0c7c4ad16650c79f001
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 13:59:16 GMT

GET
H2 200 header-logo-b39e5071cb111465fc5a5aef6496121adfcb414692d067f967434d9d80418afc.svg
img.y8.com/assets/y8/ 357 B
701 B 41ms
11ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/y8/header-logo-b39e5071cb111465fc5a5aef6496121adfcb414692d067f967434d9d80418afc.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

3ff4ef8db1e622267d2ea3ccabbf793eab624976029bef1146bfe303333124c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 543874
x-77-cache: HIT
x-accel-date: 1695441218
x-77-nzt: A9RmOKUTVIL/gkwIANRmOAk2/YLRj/Q6jEof8NE
x-accel-expires: @1726977170
x-77-age: 543874
x-cache-lb: MISS, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-165"
x-77-nzt-ray: c94de1100985a0c7c4ad1665b8d9e101
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 13:59:16 GMT

GET
H2 200 search-9887eb433e2eff9a1fd0dda066ed7abf52897beecba0dce9ef152c2770dc9082.svg
img.y8.com/assets/svg/ 525 B
815 B 62ms
32ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/search-9887eb433e2eff9a1fd0dda066ed7abf52897beecba0dce9ef152c2770dc9082.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

073795c14e10b8b985ddd0e5eb2915f5802e7429847dfd875eb312f9384e1517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 66, 1212144
x-77-cache: HIT
x-accel-date: 1694772948
x-77-nzt: A9RmOKV32+T/8H4SAJySIR+6H9H/QgAAAI/0OpVVXwD/BgAAAA
x-accel-expires: @1726308947
x-77-age: 1212144
x-cache-lb: HIT, HIT
last-modified: Fri, 07 Jul 2023 10:11:53 GMT
server: CDN77-Turbo
etag: W/"64a7e4e9-20d"
x-77-nzt-ray: c94de1100985a0c7c4ad166566edf101
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Fri, 21 Jul 2023 10:15:42 GMT

GET
H2 200 profile-250b58e83592bb66fe437d6de217d30ee3dae674feee2ff962138996fdffde6e.svg
img.y8.com/assets/svg/ 959 B
997 B 61ms
31ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/profile-250b58e83592bb66fe437d6de217d30ee3dae674feee2ff962138996fdffde6e.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

a27fcff0eda4a9c2c801214f7d161e04efe822425b8361b754e5c1a876ef647e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 5, 540801
x-77-cache: HIT
x-accel-date: 1695444291
x-77-nzt: A9RmOKVFZBP/gUAIANRmOBEs2xv/BQAAAI/0Otg3xCXR
x-accel-expires: @1726980282
x-77-age: 540801
x-cache-lb: HIT, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-3bf"
x-77-nzt-ray: c94de1100985a0c7c4ad16659ba3ee01
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 13:59:12 GMT

GET
H2 200 arrow-up-bec5455682ee6239b995f18944808d8a0c75d7776798386efce255166669e5cf.svg
img.y8.com/assets/svg/ 855 B
933 B 62ms
32ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/arrow-up-bec5455682ee6239b995f18944808d8a0c75d7776798386efce255166669e5cf.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

4dbfc55438341402c96e6ce2c85457034430c9e3d0aa0135a2bd2ec6ddff95b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 1, 540801
x-77-cache: HIT
x-accel-date: 1695444291
x-77-nzt: A9RmOKXbt5D/gUAIANRmOAkhXlD/AQAAAI/0OoyrklTR
x-accel-expires: @1726834589
x-77-age: 540801
x-cache-lb: HIT, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-357"
x-77-nzt-ray: c94de1100985a0c7c4ad1665b877f301
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 13:59:16 GMT

GET
DATA 200
OK truncated
/ 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9f5560ef9671cef36de14bfe708221930948e4cbb4283245d6c536a7285188f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 flags-24x18-d4bf28e4d02216699cb02d575af866b80dba62aae5f8fb6817987cdb64726e6a.png
th.y8.com/assets/ 28 KB
29 KB 103ms
103ms Image
image/png 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/flags-24x18-d4bf28e4d02216699cb02d575af866b80dba62aae5f8fb6817987cdb64726e6a.png

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6d65e400a88dfa3973e9ba2924e65bc70cedd447bec398d12343b62c3ffba503

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-7110"
x-cache: MISS
content-type: image/png
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 28944
x-cache-hits: 0

GET
H2 200 small.gif
img.y8.com/cloud/v2-y8-thumbs-small-thumbnails-001/147490/ 8 KB
9 KB 40ms
13ms Image
image/gif 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/cloud/v2-y8-thumbs-small-thumbnails-001/147490/small.gif

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

20a1e0eb6cebc392cd52f7733c597c06ef54dbc371132bdb5fee694cf9ce3d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-openstack-request-id: tx000002f3292d685c2e936-00650194bb-7da234db-default
x-age-lb: 140782
x-77-cache: HIT
x-accel-date: 1695844310
content-length: 8171
x-trans-id: tx000002f3292d685c2e936-00650194bb-7da234db-default
x-77-nzt: A9RmOKVrv/j/7iUCAIrHJcSwxvbRj/Q63bQYRNE
x-accel-expires: @1697053907
x-77-age: 140782
x-cache-lb: MISS, HIT
last-modified: Sun, 06 Mar 2022 15:11:57 GMT
server: CDN77-Turbo
etag: 86195148ef6cc81a154fd66dc97f955d
x-77-nzt-ray: c94de1100985a0c7c4ad1665b003e601
content-type: image/gif
access-control-allow-origin: *
origin-agent-cluster: ?0
x-timestamp: 1646579517.55166
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 27 Sep 2023 10:53:47 GMT

GET
H2 200 fontello-c591e157650bfc1d44ef0f8808e1c5758150076ef521ae9ed2434713aaf03cef.woff2
th.y8.com/assets/ 26 KB
27 KB 126ms
126ms Font
font/woff2 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/assets/fontello-c591e157650bfc1d44ef0f8808e1c5758150076ef521ae9ed2434713aaf03cef.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

89f12c641417c9648f82665333dc9badef79d73473ae41338374ffa2266e5965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/games/body_race
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Mon, 07 Aug 2023 11:32:31 GMT
server: nginx
etag: "64d0d64f-698c"
x-cache: MISS
content-type: font/woff2
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27020
x-cache-hits: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ-d9275135124c4b8b42b4d1dc397e3721b36a7489009a740d535eae07718bd0d6.woff2
th.y8.com/assets/Roboto/ 11 KB
11 KB 110ms
110ms Font
font/woff2 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ-d9275135124c4b8b42b4d1dc397e3721b36a7489009a740d535eae07718bd0d6.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/games/body_race
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Fri, 18 Aug 2023 12:13:35 GMT
server: nginx
etag: "64df606f-2b20"
x-cache: MISS
content-type: font/woff2
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11040
x-cache-hits: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg-a69138ffd0f0223793b2c2ade4f531bb653668af83686b9f0620d66bc9e543a7.woff2
th.y8.com/assets/Roboto/ 11 KB
11 KB 136ms
136ms Font
font/woff2 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/assets/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg-a69138ffd0f0223793b2c2ade4f531bb653668af83686b9f0620d66bc9e543a7.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/games/body_race
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Fri, 18 Aug 2023 12:13:33 GMT
server: nginx
etag: "64df606d-2b14"
x-cache: MISS
content-type: font/woff2
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11028
x-cache-hits: 0

GET
H2 200 resize-v2-9649eb0b0be2316730dbea99ce24249131ab8ccb2a1c0b994e2695508cc76da5.svg
img.y8.com/assets/svg/ 875 B
926 B 19ms
18ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/resize-v2-9649eb0b0be2316730dbea99ce24249131ab8ccb2a1c0b994e2695508cc76da5.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

f6c0c095a9f22aa7d2e9f57ba061f618eb36e6854caefe73ba06181c467036d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 949964
x-77-cache: HIT
x-accel-date: 1695035128
x-77-nzt: A9RmOKUQWGT/zH4OANRmOBEIbTvRj/Q6yMVq9dE
x-accel-expires: @1726571126
x-77-age: 949964
x-cache-lb: MISS, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-36b"
x-77-nzt-ray: c94de1100985a0c7c4ad1665cac3e903
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 14:03:37 GMT

GET
H2 200 resize-v2-hover-4ec230383e627fb43f7174e8448fd7a7e7774967f36600e3b1ff93a0eda63daa.svg
img.y8.com/assets/svg/ 870 B
924 B 19ms
19ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/resize-v2-hover-4ec230383e627fb43f7174e8448fd7a7e7774967f36600e3b1ff93a0eda63daa.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

7398fab9cccc735352d69257b0eab6583450813f5564b5d00ee185b7de79cc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 543801
x-77-cache: HIT
x-accel-date: 1695441291
x-77-nzt: A9RmOKXYWGz/OUwIAIrHJcF7/BzRj/Q62B/y5tE
x-accel-expires: @1726977247
x-77-age: 543801
x-cache-lb: MISS, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-366"
x-77-nzt-ray: c94de1100985a0c7c4ad1665adcdeb03
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 14:03:37 GMT

GET
H2 200 maximize-v2-9255bbce5dbf654a9fea165155f6d3fef74abe90e58d30dc18e69f88cd052a5e.svg
img.y8.com/assets/svg/ 748 B
887 B 19ms
19ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/maximize-v2-9255bbce5dbf654a9fea165155f6d3fef74abe90e58d30dc18e69f88cd052a5e.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

3da76f47ebd8d76464a716728688290bd8dfb0309a2b07d1552c1c9369f33613

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 1, 544076
x-77-cache: HIT
x-accel-date: 1695441016
x-77-nzt: A9RmOKWjvYX/TE0IAIrHJcEQSDj/AQAAAI/0OozCsXfR
x-accel-expires: @1726941211
x-77-age: 544076
x-cache-lb: HIT, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-2ec"
x-77-nzt-ray: c94de1100985a0c7c4ad16656640ed03
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 14:03:36 GMT

GET
H2 200 maximize-v2-hover-49a55803d20b8afd79162fab4c48e1e9eea6cd621ca8e213ed00ab6562b0a14d.svg
img.y8.com/assets/svg/ 749 B
872 B 20ms
19ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/maximize-v2-hover-49a55803d20b8afd79162fab4c48e1e9eea6cd621ca8e213ed00ab6562b0a14d.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

430437c52bde732e84c0dbdfe2c67718a03f778095e068ea15cc4a681fdd3795

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 1089237
x-77-cache: HIT
x-accel-date: 1694895855
x-77-nzt: A9RmOKWOQ9v/1Z4QANRmOBEiN+nRj/Q63cxwhNE
x-accel-expires: @1726431831
x-77-age: 1089237
x-cache-lb: MISS, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-2ed"
x-77-nzt-ray: c94de1100985a0c7c4ad16655a8fee03
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 14:03:38 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 policy_validator-697956f27b789a29de90.js Show response
img.y8.com/packs/js/components/ 3 KB
2 KB 17ms
17ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/components/policy_validator-697956f27b789a29de90.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

8444c99111e919959e41445b050f70a0601607147df1c260c79453a2ffbc6273

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 1, 184408
x-77-cache: HIT
x-accel-date: 1695800684
x-77-nzt: A9RmOKVXuqb/WNACAJySISOT1Uz/AQAAAI/0Osho5k+h
x-accel-expires: @1727336683
x-77-age: 184409
x-cache-lb: HIT, HIT
last-modified: Wed, 27 Sep 2023 07:26:48 GMT
server: CDN77-Turbo
etag: W/"6513d938-c02"
x-77-nzt-ray: c94de1100985a0c7c4ad1665fa791504
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Thu, 26 Sep 2024 07:44:43 GMT

GET
H2 200 defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css
img.y8.com/assets/y8.com/packs/ 98 KB
16 KB 15ms
15ms Stylesheet
text/css 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

601600d5df154cf3bf57c979b43c198626febe8df59c8f90cea14efcbbb50f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 232, 284465
x-77-cache: HIT
x-accel-date: 1695700627
x-77-nzt: A9RmOKUjA4n/MVcEANRmOJnaLQr/6AAAAI/0Ooz68iX/BgAAAA
x-accel-expires: @1727236389
x-77-age: 284703
x-cache-lb: HIT, HIT
last-modified: Tue, 26 Sep 2023 03:50:15 GMT
server: CDN77-Turbo
etag: W/"651254f7-18841"
x-77-nzt-ray: c94de1100985a0c7c4ad166520c25304
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Wed, 25 Sep 2024 03:53:09 GMT

GET
H2 200 control-icons-improved-v2-0143cf65c77236741d98f887812d063ad1a264ae497e2a11755e1106bb821192.png
th.y8.com/assets/icons/keyboard/ 15 KB
16 KB 109ms
108ms Image
image/png 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/icons/keyboard/control-icons-improved-v2-0143cf65c77236741d98f887812d063ad1a264ae497e2a11755e1106bb821192.png

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ca12bb49c14d41df7ac6d120b3c0c28b15babf0552dca23809a296de531ba9e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Tue, 02 Aug 2022 08:52:21 GMT
server: nginx
etag: "62e8e5c5-3dd0"
x-cache: MISS
content-type: image/png
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 15824
x-cache-hits: 0

GET
H2 200 spritesheet-tags-36x28-43c288fa5223317ab391c931a49c6a6a285d43565a097da776999d706a843b2e.png
th.y8.com/assets/tags/ 128 KB
128 KB 107ms
107ms Image
image/png 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/tags/spritesheet-tags-36x28-43c288fa5223317ab391c931a49c6a6a285d43565a097da776999d706a843b2e.png

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

1ed1a9b74050fe9b34dd3ec6ebca282694092f59f096f43d4b556b58cb3e4823

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-1ff12"
x-cache: MISS
content-type: image/png
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 130834
x-cache-hits: 0

GET
H2 200 add_embed_icon-ea54ed093a982dc95632986d9d6f428611d6f7abb83086270a7ac1300a73ae9d.svg
th.y8.com/assets/svg/ 1 KB
878 B 112ms
112ms Image
image/svg+xml 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/svg/add_embed_icon-ea54ed093a982dc95632986d9d6f428611d6f7abb83086270a7ac1300a73ae9d.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4f00b285be1315663e8db77ad547c2493c1f733c01e98943663185d2f0ccaa18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-24f"
x-cache: MISS
content-type: image/svg+xml
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 591
x-cache-hits: 0

GET
H2 200 forum_promo_icon-8491509dd335f65314fb17d34c160df75457b1101c66fde453c712c7ae526811.svg
th.y8.com/assets/svg/ 1 KB
846 B 110ms
110ms Image
image/svg+xml 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/svg/forum_promo_icon-8491509dd335f65314fb17d34c160df75457b1101c66fde453c712c7ae526811.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6be4f7c2df4651732d7f2ead3a66ba349f255f4eaf19a88b351414dff6242828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-22f"
x-cache: MISS
content-type: image/svg+xml
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 559
x-cache-hits: 0

GET
H2 200 cryptoserval_icon-80c76bb7d0a1bad35cde7ce8693094705de58747b4823df3e924dae307ecc4f3.svg
th.y8.com/assets/svg/ 2 KB
2 KB 112ms
112ms Image
image/svg+xml 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/svg/cryptoserval_icon-80c76bb7d0a1bad35cde7ce8693094705de58747b4823df3e924dae307ecc4f3.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

021f9558875e54c5975208e99e6891e2fce9d30d041f5998e7feffca0fd5005c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-4f1"
x-cache: MISS
content-type: image/svg+xml
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1265
x-cache-hits: 0

GET
H2 200 html5-dc0b6633223f2e9d597dcb0ad23ba14c9bd288b9e9b455557eb8b9c80df008e5.svg
th.y8.com/assets/technology_icons/ 868 B
780 B 106ms
103ms Image
image/svg+xml 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/technology_icons/html5-dc0b6633223f2e9d597dcb0ad23ba14c9bd288b9e9b455557eb8b9c80df008e5.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

5c3151f8794be637b9b4a942136cf96b815641f32944a2c85023169190653d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-1ed"
x-cache: MISS
content-type: image/svg+xml
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 493
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 469 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee94e99f640538eea06eb6607e0b4e577aa08838d5b6b3f78f314f3fb6a962c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 webgl-5bbd3e4c109c2c654e3950913ff42f8a8aecd8b0b01200d7267d47d39a17b5d7.svg
th.y8.com/assets/technology_icons/ 2 KB
1 KB 105ms
103ms Image
image/svg+xml 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://th.y8.com/assets/technology_icons/webgl-5bbd3e4c109c2c654e3950913ff42f8a8aecd8b0b01200d7267d47d39a17b5d7.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

987ac7f5e6c580f6d797c2c5956737dc872e68f69e195c9297519a1f41188669

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/games/body_race
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
last-modified: Wed, 03 Aug 2022 08:05:32 GMT
server: nginx
etag: "62ea2c4c-4de"
x-cache: MISS
content-type: image/svg+xml
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1246
x-cache-hits: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ-a99ad93b4199b8adf117cde98a8ac35e90d0af149a03c63b53bb35ecaa8ed8b7.woff2
th.y8.com/assets/Roboto/ 11 KB
11 KB 187ms
187ms Font
font/woff2 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ-a99ad93b4199b8adf117cde98a8ac35e90d0af149a03c63b53bb35ecaa8ed8b7.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/games/body_race
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Fri, 18 Aug 2023 12:13:33 GMT
server: nginx
etag: "64df606d-2b40"
x-cache: MISS
content-type: font/woff2
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11072
x-cache-hits: 0

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTQ3j6zbXWjgeg-d1bc99418e071a7b8049643660e7ee0e89ed7a67b58146a2bb915f4825c0d85e.woff2
th.y8.com/assets/Nunito/ 14 KB
14 KB 107ms
106ms Font
font/woff2 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/assets/Nunito/XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTQ3j6zbXWjgeg-d1bc99418e071a7b8049643660e7ee0e89ed7a67b58146a2bb915f4825c0d85e.woff2

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

de6291f2a74e6d83189a6259386f6872b0599e88daa1857644bc995204fa1580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/games/body_race
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Sat, 28 Sep 2024 10:58:12 GMT
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 12:23:16 GMT
server: nginx
etag: "64ec91b4-3754"
x-cache: MISS
content-type: font/woff2
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14164
x-cache-hits: 0

GET
H2 200 vote_rating_medium-32e19f64624d7a5c17db8b5c8ce4b254c82df7deb3c40801bebbb920f3729f27.svg
img.y8.com/assets/svg/ 672 B
872 B 12ms
11ms Image
image/svg+xml 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.y8.com/assets/svg/vote_rating_medium-32e19f64624d7a5c17db8b5c8ce4b254c82df7deb3c40801bebbb920f3729f27.svg

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

e68d07119a3442b1a54d0929c41c15b7aba96d4119c96bdb81f9ed101c526921

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 538291
x-77-cache: HIT
x-accel-date: 1695446801
x-77-nzt: A9RmOKX3Cwf/szYIAJySISfOBlrRj/Q63ZsoE9E
x-accel-expires: @1726838317
x-77-age: 538291
x-cache-lb: MISS, HIT
last-modified: Thu, 28 Jul 2022 13:21:53 GMT
server: CDN77-Turbo
etag: W/"62e28d71-2a0"
x-77-nzt-ray: c94de1100985a0c7c4ad16655f949b08
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Wed, 02 Aug 2023 13:59:09 GMT

GET
H2 200 sdk.js Show response
cdn.y8.com/api/ 310 KB
101 KB 91ms
19ms Script
application/javascript 156.146.33.2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.y8.com/api/sdk.js
Requested by: Host: th.y8.com
URL: https://th.y8.com/games/body_race
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 150299569.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 90f26e5e33af333e437c1991e5ee4c8ea8b7ffba59b77563e33d37b5023a0f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
x-age-lb: 0, 557
x-77-cache: HIT
x-accel-date: 1695984535
x-77-nzt: A5ySIQFhutr/LQIAAJySIS73A8n/AAAAAI/0OpVSckHbWQIAAA
x-accel-expires: @1695985135
x-77-age: 1158
x-cache-lb: HIT, HIT
last-modified: Thu, 28 Sep 2023 06:34:29 GMT
server: CDN77-Turbo
etag: W/"65151e75-4d774"
x-77-nzt-ray: b163f508dd3ba45dc4ad166520345510
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=600
expires: Thu, 28 Sep 2023 06:46:06 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/ 410 KB
129 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f784e92719e340c4d288cd36b0076d764a9ff4d16879664bd927b40fd1f10bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 08:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7275
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132352
x-xss-protection: 0
server: cafe
etag: 76809202428320589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 28 Sep 2024 08:56:57 GMT

GET
H2 200 60-a7ea01ffcb8d318b80a9.chunk.js Show response
img.y8.com/packs/js/ 802 B
965 B 12ms
12ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/60-a7ea01ffcb8d318b80a9.chunk.js

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

b66e78406472380930e3e5ab8595cf8e7965b59ea065f68383071512568bd6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 3943, 868585
x-77-cache: HIT
x-accel-date: 1695116507
x-77-nzt: A9RmOKXfawX/6UANANRmOAFUGc7/Zw8AAI/0Oox73ov/jAAAAA
x-accel-expires: @1726648424
x-77-age: 872668
x-cache-lb: HIT, HIT
last-modified: Tue, 19 Sep 2023 08:32:36 GMT
server: CDN77-Turbo
etag: W/"65095ca4-322"
x-77-nzt-ray: c94de1100985a0c7c4ad16652a7a1211
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Wed, 18 Sep 2024 08:33:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ-d9275135124c4b8b42b4d1dc397e3721b36a7489009a740d535eae07718bd0d6.woff2
img.y8.com/assets/Roboto/ 11 KB
11 KB 14ms
14ms Font
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ-d9275135124c4b8b42b4d1dc397e3721b36a7489009a740d535eae07718bd0d6.woff2

Requested by

Host: img.y8.com
URL: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 60, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 11040
x-77-nzt: A9RmOKWdIsH/Z2ISANRmOJyKhkj/PAAAAI/0Ot06jXn/BQAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2b20"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665af59c412
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ-a99ad93b4199b8adf117cde98a8ac35e90d0af149a03c63b53bb35ecaa8ed8b7.woff2
img.y8.com/assets/Roboto/ 11 KB
11 KB 15ms
14ms Font
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ-a99ad93b4199b8adf117cde98a8ac35e90d0af149a03c63b53bb35ecaa8ed8b7.woff2

Requested by

Host: img.y8.com
URL: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 11072
x-77-nzt: A9RmOKU8kmD/Z2ISANRmOBEVcsn/PQAAAI/0OpX6vNn/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2b40"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665ae5d3113
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg-a69138ffd0f0223793b2c2ade4f531bb653668af83686b9f0620d66bc9e543a7.woff2
img.y8.com/assets/Roboto/ 11 KB
11 KB 15ms
14ms Font
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Roboto/KFOmCnqEu92Fr1Mu4mxKKTU1Kg-a69138ffd0f0223793b2c2ade4f531bb653668af83686b9f0620d66bc9e543a7.woff2

Requested by

Host: img.y8.com
URL: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 61, 1204839
x-77-cache: HIT
x-accel-date: 1694780253
content-length: 11028
x-77-nzt: A9RmOKXzar7/Z2ISANRmOJmT4kv/PQAAAI/0OpUhA4L/BAAAAA
x-accel-expires: @1726316252
x-77-age: 1204839
x-cache-lb: HIT, HIT
last-modified: Fri, 18 Aug 2023 12:13:49 GMT
server: CDN77-Turbo
etag: "64df607d-2b14"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665d3c43413
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Sun, 20 Aug 2023 12:17:18 GMT

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTQ3j6zbXWjgeg-d1bc99418e071a7b8049643660e7ee0e89ed7a67b58146a2bb915f4825c0d85e.woff2
img.y8.com/assets/Nunito/ 14 KB
14 KB 14ms
14ms Font
font/woff2 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/assets/Nunito/XRXI3I6Li01BKofiOc5wtlZ2di8HDDsmdTQ3j6zbXWjgeg-d1bc99418e071a7b8049643660e7ee0e89ed7a67b58146a2bb915f4825c0d85e.woff2

Requested by

Host: img.y8.com
URL: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

de6291f2a74e6d83189a6259386f6872b0599e88daa1857644bc995204fa1580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://img.y8.com/assets/y8.com/packs/defer-117e9d5f20f39a82fc88648f362508b6222511ef92a6f9d44ce7585d9f04631a.css
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
x-age-lb: 101, 1204299
x-77-cache: HIT
x-accel-date: 1694780793
content-length: 14164
x-77-nzt: A9RmOKX/h0P/S2ASANRmOBFVimD/ZQAAAI/0OthbFKb/BAAAAA
x-accel-expires: @1726316782
x-77-age: 1204299
x-cache-lb: HIT, HIT
last-modified: Mon, 28 Aug 2023 12:23:24 GMT
server: CDN77-Turbo
etag: "64ec91bc-3754"
x-77-nzt-ray: c94de1100c7f08c7c4ad1665f28b6b13
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 12:26:13 GMT

GET
H2 200 122-b48441a9c36003cd58b4.chunk.js Show response
img.y8.com/packs/js/ 87 KB
27 KB 12ms
12ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/122-b48441a9c36003cd58b4.chunk.js

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

ccab2c75261455e949949247917a53dbb053e5ea1f9fac4af2496c6546f74fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 5, 184403
x-77-cache: HIT
x-accel-date: 1695800689
x-77-nzt: A9RmOKXC9ZH/U9ACAJySIS6Gre7/BQAAAI/0Ot13mZKh
x-accel-expires: @1727336684
x-77-age: 184408
x-cache-lb: HIT, HIT
last-modified: Wed, 27 Sep 2023 07:26:48 GMT
server: CDN77-Turbo
etag: W/"6513d938-15b59"
x-77-nzt-ray: c94de1100985a0c7c4ad16651f3a6b15
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Thu, 26 Sep 2024 07:44:44 GMT

GET
H2 200 123-d9c69f689d72f08d42bf.chunk.js Show response
img.y8.com/packs/js/ 82 B
621 B 13ms
13ms Script
application/javascript 212.102.56.166
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://img.y8.com/packs/js/123-d9c69f689d72f08d42bf.chunk.js

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

212.102.56.166 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

283200969.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

875f8c1368931f82a6cc8d0dcdbd11fb3cbe205d7c2227b90332e1b28d3984c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=15552000
content-encoding: gzip
x-age-lb: 5, 184403
x-77-cache: HIT
x-accel-date: 1695800689
x-77-nzt: A9RmOKW+t5L/U9ACACUTwitf//v/BQAAAI/0OpWk+KOh
x-accel-expires: @1727336684
x-77-age: 184408
x-cache-lb: HIT, HIT
last-modified: Wed, 27 Sep 2023 07:26:48 GMT
server: CDN77-Turbo
etag: W/"6513d938-52"
x-77-nzt-ray: c94de1100985a0c7c4ad166552e46f15
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: max-age=31536000, public
expires: Thu, 26 Sep 2024 07:44:44 GMT

GET
H2 200 body_race.js Show response
th.y8.com/games/ 144 B
634 B 172ms
172ms XHR
text/javascript 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/games/body_race.js

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

c3d73d6bb9cda7ef47493d33d8e3e687d6586d7783cd3c5c1ad542fb52073a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://th.y8.com/games/body_race
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-permitted-cross-domain-policies: none
x-rll: 1
x-cache: MISS
p3p: CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV"
content-length: 145
x-xss-protection: 1; mode=block
x-request-id: 718d575e-f250-4b77-b8c1-596ad1fbee4e
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: W/"c3d73d6bb9cda7ef47493d33d8e3e687"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
html5.gamedistribution.com/cc4dc9fdf2494c2dab15ff17678d9602/ Frame 6E0F 6 KB
2 KB 59ms
10ms Document
text/html 2600:9000:211e:a000:5:4275:8dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.gamedistribution.com/cc4dc9fdf2494c2dab15ff17678d9602/?gd_sdk_referrer_url=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&key=y8&value=default
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:a000:5:4275:8dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.23.1 / Express
Resource Hash: d741f7ebb7582eaaa7b0c709e0b59d93c860785405709dad0a653ad9e195152a

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 33435
cache-control: public, max-age 3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 05:10:16 GMT
etag: W/"19e4-2NrOvvnET8ng7bRHd2f6XXcLg44"
server: nginx/1.23.1
vary: Accept-Encoding
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-id: SmR-8DKVJLZObjgMuvo4teRzBXVTgsTfBGjnKNgJaV8T7mBohVlzCA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-powered-by: Express

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 29 Sep 2023 09:51:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3994
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 29 Sep 2023 11:51:38 GMT

GET
H2 200 parental_filter Show response
th.y8.com/ajax/ 46 B
509 B 113ms
113ms XHR
application/json 161.35.246.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://th.y8.com/ajax/parental_filter

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/y8/application-7079b07e4d7e82813054.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.35.246.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ad38c14c5eb1cd62716693e5609e7110f2637a0b921a55818ba8d27b999968dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Referer: https://th.y8.com/games/body_race
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
strict-transport-security: max-age=15552000
server: nginx
etag: W/"ad38c14c5eb1cd62716693e5609e7110"
x-cache: MISS
content-type: application/json; charset=utf-8
origin-agent-cluster: ?0
x-server-id: 662836
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
content-length: 58
x-request-id: 0c7381b0-5432-4b54-9893-af9e776a0104
x-cache-hits: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 97ms
30ms Preflight 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://th.y8.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://th.y8.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 29 Sep 2023 10:58:12 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
357 B 36ms
12ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://th.y8.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
528 B 118ms
56ms XHR
text/plain 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://th.y8.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
568 B 29ms
8ms XHR
application/json 18.193.11.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.8.0&referrer=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&tmax=1300

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.11.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-11-140.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
x-auction-status: 5, 5, 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://th.y8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 361 B
919 B 73ms
28ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4ab3226e538cdebef3922e1a661a69de2a04222103ea11b938f137ff90bdb675

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
an-x-request-uuid: 4705c7df-40b8-4dcd-9316-fa9e74af7464
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://th.y8.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.74; 45.141.152.74; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 361
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adsparc-d.openx.net/w/1.0/ 73 B
374 B 60ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adsparc-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3cc67922-5e47-49c7-b1f3-123878527158%2C906244fe-e53a-42f9-987b-29b040142938%2C0638afb5-6b19-4667-a7a4-262f8b9407ff&nocache=1695985092458&aus=728x90%7C300x250%7C300x250&divids=Y8_Top_of_Games%2CY8_Right_of_games_1%2CY8_Right_of_games_2&aucs=%2C%2C&auid=544107570%2C544107571%2C544107572
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4af856e8e680feb00681ef18dcd2bce8a76c12504c5688f0a366b04adabb3090

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://th.y8.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
548 B 129ms
103ms XHR
application/json 104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=516138&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22254a99436c7ab83%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%225.8.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22269839749c3c7e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22516138%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22279b3e72933c582%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22516139%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22283f80f0790fefa%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22516140%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%7D
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e546ee5f98863cd756f55863b3c5b0de0420bf360b08b6de889974de08fda3f

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huAPC975xpGRAMFfv0upr2%2B2rBwRoj3tXfZM%2Fb20%2F6EoJJHIS2sDEXRwC%2FTgdIwQ%2B9IOxu6rejkkw0EvlPz8ce6Rs5Ysw0CqU5cHTYXFh%2B9GwmvbnvUOorXr2CEpG%2BvjigrDUY6z"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://th.y8.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 80e3b5ac0e3030e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
311 B 133ms
32ms XHR
application/json 34.249.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%226142881eeb7668d%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2230a82c17bb53cd9%22%2C%22pid%22%3A22516011%2C%22tid%22%3A%223cc67922-5e47-49c7-b1f3-123878527158%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.150.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-150-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e1f64c17b4e4672e42045750d6284d69fab98c16a2c5a09c745eddb245f47773

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 99 B
310 B 133ms
33ms XHR
application/json 34.249.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22624ca8757e183f9%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2231f1a5c4271932f%22%2C%22pid%22%3A22516012%2C%22tid%22%3A%22906244fe-e53a-42f9-987b-29b040142938%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.150.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-150-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5563bdb16d584ac6eac015183efd44a4a9a351d556f09649c024b40b33f5db9a

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 99
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 hb Show response
ice.360yield.com/ 98 B
309 B 133ms
32ms XHR
application/json 34.249.150.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22630ef0ec01a1012%22%2C%22version%22%3A%227.4.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2232ea74a167fabc%22%2C%22pid%22%3A22516013%2C%22tid%22%3A%220638afb5-6b19-4667-a7a4-262f8b9407ff%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.249.150.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-150-14.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c4797945f3842000f0189f6f569b1d3ecb39dd144e095dc6dfd15ec50d8be92f

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 98
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 50 B
609 B 66ms
26ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
an-x-request-uuid: 55fb773d-1b47-4729-a9d4-b9b6f8c933c7
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://th.y8.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.74; 45.141.152.74; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 50
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
551 B 155ms
83ms XHR
application/json 89.149.192.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:11 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://th.y8.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
551 B 139ms
67ms XHR
application/json 89.149.192.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://th.y8.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
551 B 144ms
73ms XHR
application/json 89.149.192.193
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.193 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://th.y8.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 359 B
917 B 65ms
26ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9e168c0bf87a05baf01d31be651944d9a7f73c5eff9a00029d71668217ac5240

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:12 GMT
an-x-request-uuid: ea1e2788-16bf-4661-94fc-2f3f6890a11c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://th.y8.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.74; 45.141.152.74; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 359
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
360 B 181ms
62ms XHR
application/json 52.29.101.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.101.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-101-205.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e28623379e4f0bb90304bea10b50beccf108e9ff26f59d77e212a82f0dd7b25c

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 29 Sep 2023 10:58:12 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://th.y8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST v1
dmx.districtm.io/b/ 0
0

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
153 B 376ms
326ms XHR
text/plain 3.64.91.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.91.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-91-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
154 B 148ms
98ms XHR
text/plain 3.64.91.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.91.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-91-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
153 B 178ms
128ms XHR
text/plain 3.64.91.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.91.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-91-193.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST mvo
tag.1rx.io/rmp/216840/0/ 0
0

GET
H2 200 xd_handler.html Show response
cdn.y8.com/Xd/ Frame 8CC2 11 KB
3 KB 21ms
21ms Document
text/html 156.146.33.2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.y8.com/Xd/xd_handler.html?version=44&xdm_e=https%3A%2F%2Fth.y8.com&xdm_c=id_xd_api&xdm_p=1
Requested by: Host: cdn.y8.com
URL: https://cdn.y8.com/api/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 150299569.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 1529b83e97a9d6e554b467ab277765d4789fb0f606a30a0fef66b6e0d6aa0a60

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=600
content-encoding: gzip
content-type: text/html
date: Fri, 29 Sep 2023 10:58:12 GMT
etag: W/"6513f3ca-2bb9"
expires: Thu, 28 Sep 2023 06:52:12 GMT
last-modified: Wed, 27 Sep 2023 09:20:10 GMT
origin-agent-cluster: ?0
server: CDN77-Turbo
vary: Accept-Encoding
x-77-age: 8650
x-77-cache: HIT
x-77-nzt: A5ySIQHrhE7eCh8AAJySISNFyvz/ZwAAAI/0Ot0O4NTbWQIAAA
x-77-nzt-ray: b163f508dd3ba45dc4ad1665522efb20
x-77-pop: frankfurtDE
x-accel-date: 1695977146
x-accel-expires: @1695985254
x-age-lb: 103 7946
x-cache-lb: HIT REVALIDATED

GET
H2 200 main.min.js Show response
html5.api.gamedistribution.com/ Frame 6E0F 504 KB
141 KB 55ms
8ms Script
application/javascript 13.224.189.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.api.gamedistribution.com/main.min.js
Requested by: Host: html5.gamedistribution.com
URL: https://html5.gamedistribution.com/cc4dc9fdf2494c2dab15ff17678d9602/?gd_sdk_referrer_url=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&key=y8&value=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-55.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e8532a590128939bb830fc46e7b9db1c8ae6d03b4ea5f4ef47ebe04b81807ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:29:23 GMT
content-encoding: br
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2023 10:05:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 1730
etag: W/"8a9a397d439113e3f903f335006d332b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: MU3mjsq4K2BfXDc6VCNpJ8Pkj8_B9fdoMwi2p1OmfToyF0Z6pssxFQ==

GET
H2 200 easyXDM.min.js Show response
cdn.y8.com/Xd/ Frame 8CC2 20 KB
8 KB 14ms
14ms Script
application/javascript 156.146.33.2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.y8.com/Xd/easyXDM.min.js
Requested by: Host: cdn.y8.com
URL: https://cdn.y8.com/Xd/xd_handler.html?version=44&xdm_e=https%3A%2F%2Fth.y8.com&xdm_c=id_xd_api&xdm_p=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 156.146.33.2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 150299569.fra.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 60ebd7a933099d852716d8da81b6570aad98e77c496fbe5bec623ae73d38d560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.y8.com/Xd/xd_handler.html?version=44&xdm_e=https%3A%2F%2Fth.y8.com&xdm_c=id_xd_api&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
x-age-lb: 0, 261510
x-77-cache: HIT
x-accel-date: 1695723582
x-77-nzt: A5ySIQHi6k7/hv0DANRmOJkZt9n/AAAAAI/0Ot30Uo2h
x-accel-expires: @1696760382
x-77-age: 261510
x-cache-lb: HIT, HIT
last-modified: Wed, 20 Sep 2023 07:27:55 GMT
server: CDN77-Turbo
etag: W/"650a9efb-50e1"
x-77-nzt-ray: b163f508dd3ba45dc4ad1665c8aaf824
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
origin-agent-cluster: ?0

POST
H2 204 matomo.php
matomo.y8.com/ 0
171 B 124ms
124ms Ping
text/plain 104.236.66.218
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://matomo.y8.com/matomo.php?action_name=%E0%B9%80%E0%B8%81%E0%B8%A1%20Body%20Race%20-%20%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B8%97%E0%B8%B5%E0%B9%88%20Y8.com&idsite=1&rec=1&r=193588&h=12&m=58&s=12&url=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&_id=87333bab1f9fed6d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=FkVvx0&pf_net=110&pf_srv=384&pf_tfr=161&pf_dm1=324&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: matomo.y8.com
URL: https://matomo.y8.com/matomo.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.236.66.218 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

matomomysql2.nyc3.y8.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://th.y8.com
date: Fri, 29 Sep 2023 10:58:12 GMT
access-control-allow-credentials: true
referrer-policy: origin
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 107ms
31ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.loading&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoibG9hZGluZyJ9LCJ0dGxlIjoiQm9keSBSYWNlIiwic2l6ZSI6IjQ0OCB4IDc2OCIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiMTE3Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1695985092699
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
game.api.gamedistribution.com/game/v4/get/cc4dc9fdf2494c2dab15ff17678d9602/ Frame 6E0F 4 KB
4 KB 112ms
30ms Fetch
application/json 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v4/get/cc4dc9fdf2494c2dab15ff17678d9602/?domain=th.y8.com&v=1.35.18&localTime=12
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-62-205.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 53758b07ac5f200ab72564fde8da33febffc18399e83d057e8bfa92e5d4b819e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
cache-control: private, max-age 3600
x-powered-by: Express
content-length: 3692
etag: W/"e6c-ePJSnFYWXL+v5TUT+vFC5DFNe60"
content-type: application/json; charset=utf-8

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
153 B 103ms
28ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.loading&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MiwiYXJncyI6eyJtZXNzYWdlIjoibG9hZGluZyJ9LCJ0dGxlIjoiQm9keSBSYWNlIiwic2l6ZSI6IjQ0OCB4IDc2OCIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiMTE3Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1695985092701
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 / Show response
game.api.gamedistribution.com/game/v4/get/cc4dc9fdf2494c2dab15ff17678d9602/ Frame 6E0F 4 KB
4 KB 112ms
31ms Fetch
application/json 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v4/get/cc4dc9fdf2494c2dab15ff17678d9602/?domain=th.y8.com&v=1.35.18&localTime=12
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-62-205.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 6fd2704a1320ce483619514a03eb39ec3d6e2e4e6e1746b69703d465e4190c1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
cache-control: private, max-age 3600
x-powered-by: Express
content-length: 3691
etag: W/"e6b-+kNKbbCNmoBFm8NsGoiEJuiNE7E"
content-type: application/json; charset=utf-8

POST
H2 200 v1 Show response
playtomic.y8.com/ 139 B
254 B 259ms
26ms XHR
application/json 146.190.225.138
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://playtomic.y8.com/v1?hash=ba16d6454e2d1c43216d
Requested by: Host: cdn.y8.com
URL: https://cdn.y8.com/api/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.190.225.138 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: playtomicfront1.ams3.y8.net
Software: nginx / Express
Resource Hash: 039d1b140d8e27c3292c9564a1733e22cce13859085ed81ecf4df3032939df93

Request headers

Referer: https://th.y8.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
content-type: application/json

GET
H2 200 protection-lists Show response
account.y8.com/api/v1/json/ Frame 8CC2 2 KB
1 KB 62ms
20ms XHR
application/json 188.166.66.250
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account.y8.com/api/v1/json/protection-lists

Requested by

Host: cdn.y8.com
URL: https://cdn.y8.com/Xd/xd_handler.html?version=44&xdm_e=https%3A%2F%2Fth.y8.com&xdm_c=id_xd_api&xdm_p=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.66.250 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

web2.ams3.y8.net

Software

nginx /

Resource Hash

82e0a67626f4c9b7fa877c1e8d11097540a67f0dfa1f6613735b235713cbcecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.y8.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-xss-protection: 1; mode=block
x-request-id: 9e46a0d2-00c7-41fc-9c77-b46c323a4776
x-runtime: 0.001984
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: W/"82e0a67626f4c9b7fa877c1e8d110975"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.y8.com
origin-agent-cluster: ?0
access-control-expose-headers
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: max-age=0, private, must-revalidate
vary: Origin

OPTIONS
H2 200 protection-lists
account.y8.com/api/v1/json/ Frame 0
0 80ms
18ms Preflight 188.166.66.250
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://account.y8.com/api/v1/json/protection-lists
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.66.250 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: web2.ams3.y8.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://cdn.y8.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://cdn.y8.com
access-control-expose-headers
access-control-max-age: 7200
date: Fri, 29 Sep 2023 10:58:12 GMT
origin-agent-cluster: ?0
server: nginx

GET
H2 200 4fbb62b133968d57c10041b0 Show response
account.y8.com/api/v1/json/client_options/ Frame 8CC2 355 B
860 B 63ms
21ms XHR
application/json 188.166.66.250
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://account.y8.com/api/v1/json/client_options/4fbb62b133968d57c10041b0

Requested by

Host: cdn.y8.com
URL: https://cdn.y8.com/Xd/xd_handler.html?version=44&xdm_e=https%3A%2F%2Fth.y8.com&xdm_c=id_xd_api&xdm_p=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.166.66.250 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

web2.ams3.y8.net

Software

nginx /

Resource Hash

a3f37957c55a4e5d4e899ebcfed88c68e4129a0ee9320ea6d538d3164cdac555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.y8.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-xss-protection: 1; mode=block
x-request-id: d0e23e2e-8737-4d19-8653-eec41eaf4eda
x-runtime: 0.002136
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: W/"a3f37957c55a4e5d4e899ebcfed88c68"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.y8.com
origin-agent-cluster: ?0
access-control-expose-headers
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: max-age=3600, private
vary: Origin

OPTIONS
H2 200 4fbb62b133968d57c10041b0
account.y8.com/api/v1/json/client_options/ Frame 0
0 80ms
18ms Preflight 188.166.66.250
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://account.y8.com/api/v1/json/client_options/4fbb62b133968d57c10041b0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.166.66.250 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: web2.ams3.y8.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://cdn.y8.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://cdn.y8.com
access-control-expose-headers
access-control-max-age: 7200
date: Fri, 29 Sep 2023 10:58:12 GMT
origin-agent-cluster: ?0
server: nginx

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 28ms
28ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.success&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoic3VjY2VzcyJ9LCJ0dGxlIjoiQm9keSBSYWNlIiwic2l6ZSI6IjQ0OCB4IDc2OCIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiMTE3Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1695985092815
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 28ms
28ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.gdfw.success&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MiwiYXJncyI6eyJtZXNzYWdlIjoic3VjY2VzcyJ9LCJ0dGxlIjoiQm9keSBSYWNlIiwic2l6ZSI6IjQ0OCB4IDc2OCIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiMTE3Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6dHJ1ZSwiaWVndSI6dHJ1ZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1695985092818
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:12 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 63 KB
14 KB 443ms
442ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=79172713210901&correlator=2759109167323410&eid=31077098%2C31078219%2C44798599&output=ldjh&gdfp_req=1&vrg=202309250101&ptt=17&impl=fifs&iu_parts=83578953%2CY8_Top_of_Games%2CY8_Right_of_games_1%2CY8_Right_of_games_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C468x60%2C300x250%7C250x250%2C300x250%7C250x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695985092854&lmt=1695977892&adxs=266%2C1086%2C1086&adys=102%2C122%2C122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fth.y8.com%2Fgames%2Fbody_race&vis=1&psz=852x1183%7C320x40%7C320x40&msz=852x110%7C300x0%7C300x0&fws=4%2C4%2C4&ohw=852%2C320%2C320&ga_vid=1881825116.1695985093&ga_sid=1695985093&ga_hid=85884636&ga_fc=true&ga_wpids=UA-18828733-1&dlt=1695985091897&idt=534&prev_scp=y8%3Ddefault%7Cy8%3Ddefault%7Cy8%3Ddefault&adks=1665130910%2C388789358%2C522691692&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6035519a214694afe0442a525be3635b355cbe71584d76e10eb2fa267324483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14746
x-xss-protection: 0
google-lineitem-id: -2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://th.y8.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 56ms
55ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309250101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5661c8b72895f7dfd971211a7cacec7159351907086bdac675e73be505aa830d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12099
x-xss-protection: 0

GET
H2 200 container.html Show response
e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A13D 6 KB
3 KB 50ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:12 GMT
expires: Sat, 28 Sep 2024 10:58:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 81ms
61ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 10:58:12 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B933 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 09:52:34 GMT
expires: Sat, 28 Sep 2024 09:52:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5EFA 829 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bb67f1c064e9c2125f46cfbd3b708c653118d72991f324e95142580b3e7b40f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nA3uM626-PogsRwmhkrtjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-nA3uM626-PogsRwmhkrtjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:13 GMT
expires: Fri, 29 Sep 2023 10:58:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 gamemonkey-sdk.js Show response
cdn.gamemonkey.org/gamemonkey-sdk-javascript/5.1.1/script/ Frame 6E0F 52 KB
12 KB 56ms
6ms Script
application/javascript 99.86.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gamemonkey.org/gamemonkey-sdk-javascript/5.1.1/script/gamemonkey-sdk.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-47.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f31876d3647b02707b37456236cecc3c652b935f3252233e349b8c62cffc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 08:40:35 GMT
content-encoding: br
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 08:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 8259
x-amz-server-side-encryption: AES256
etag: W/"30db6b18ce39a9e3bfcc24a0863d69e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hRoHjfNUghSBGMCcu_WI5hS6iOjeITzZ6AUf5P8UJJteadMrr-pUYw==

GET
H2 200 dmp
tag.atom.gamedistribution.com/v1/ Frame 6E0F 0
0 41ms
30ms Fetch 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImdkLmxvY2F0aW9uIiwiY3QiOjAsInZycyI6IjEuMzUuMTgiLCJ1cmwiOiJodHRwczovL3RoLnk4LmNvbS9nYW1lcy9ib2R5X3JhY2UiLCJyZnIiOiJodHRwczovL3RoLnk4LmNvbS8iLCJ0ZG1uIjoidGgueTguY29tIiwiZHB0aCI6MCwiYXJncyI6eyJnaWQiOiJib2R5LXJhY2Utb25saW5lIiwibWQ1IjoiY2M0ZGM5ZmRmMjQ5NGMyZGFiMTVmZjE3Njc4ZDk2MDIiLCJwaWQiOjAsInBubSI6IldlYiBFbnRlcnRhaW5tZW50IExpbWl0ZWQiLCJjdHJ5IjoiREUiLCJsY2wiOiJlbiIsImhsZSI6MSwiYWRzIjoxLCJocmVmIjoiaHR0cHM6Ly9odG1sNS5nYW1lZGlzdHJpYnV0aW9uLmNvbS9jYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMi8%2FZ2Rfc2RrX3JlZmVycmVyX3VybD1odHRwcyUzQSUyRiUyRnRoLnk4LmNvbSUyRmdhbWVzJTJGYm9keV9yYWNlJmtleT15OCZ2YWx1ZT1kZWZhdWx0IiwiZGVwdGgiOnsidmFsdWUiOjF9LCJ0b3AiOnsiZG9tYWluIjp7ImZyb20iOiJvcmlnaW5zIiwidmFsdWUiOiJ0aC55OC5jb20ifX0sInBhcnRuZXIiOnsiZG9tYWluIjp7InZhbHVlIjoidGgueTguY29tIiwiZnJvbSI6InBhcnRuZXItdXJsIn0sInVybCI6eyJ2YWx1ZSI6Imh0dHBzOi8vdGgueTguY29tL2dhbWVzL2JvZHlfcmFjZSIsImZyb20iOiJwYXJ0bmVyLXVybCJ9fX0sInVhIjp7ImJybm0iOiJDaHJvbWUiLCJicnZzIjoiMTE3LjAuNTkzOC4xMzIiLCJvc25tIjoiV2luZG93cyIsIm9zdnMiOiIxMCIsInciOjQ0OCwiaCI6NzY4fX0%3D

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-62-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-store, no-cache, private
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6E0F 145 KB
50 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81faa66c3fc13e0e6aac5dc886c5afe58c54402da0d7942a845f5ed46e86384f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Origin: https://html5.gamedistribution.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50817
x-xss-protection: 0
server: cafe
etag: 14119017664207255872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H2 200 event
ana.headerlift.com/ Frame 6E0F 0
0 70ms
42ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ana.headerlift.com/event?page_url=th.y8.com&game_id=cc4dc9fdf2494c2dab15ff17678d9602&eventtype=2&ts=1695985093022
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdUUqi1pVeSVZmWY5SASPRGUAytmNBag5izWqW1%2FZeOKaXVMIa2Tha3RW06rkGH4r6LjDBLF%2F5gMMDjKqvSwGeItv%2FhXjhmEEDW1Wvu7yTiBtMUgO%2Fmh8FZ8MxfMvDBoAAdWotkWyeRuD%2FtPr%2F9KhqQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 80e3b5af9f551976-FRA
access-control-allow-headers: *
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 dmp
tag.atom.gamedistribution.com/v1/ Frame 6E0F 0
0 42ms
34ms Fetch 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImhsLmdhbWVsb2FkIiwiY3QiOjAsInZycyI6IjEuMzUuMTgiLCJ1cmwiOiJodHRwczovL3RoLnk4LmNvbS9nYW1lcy9ib2R5X3JhY2UiLCJyZnIiOiJodHRwczovL3RoLnk4LmNvbS8iLCJ0ZG1uIjoidGgueTguY29tIiwiZHB0aCI6MCwiYXJncyI6eyJnaWQiOiJib2R5LXJhY2Utb25saW5lIiwibWQ1IjoiY2M0ZGM5ZmRmMjQ5NGMyZGFiMTVmZjE3Njc4ZDk2MDIiLCJwaWQiOjAsInBubSI6IldlYiBFbnRlcnRhaW5tZW50IExpbWl0ZWQiLCJjdHJ5IjoiREUiLCJsY2wiOiJlbiIsImhsZSI6MSwiYWRzIjoxLCJhcmdzIjp7InBhZ2VfdXJsIjoidGgueTguY29tIiwiZ2FtZV9pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwiZXZlbnR0eXBlIjoyLCJ0cyI6MTY5NTk4NTA5MzAyMn0sImhyZWYiOiJodHRwczovL2h0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tL2NjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyLz9nZF9zZGtfcmVmZXJyZXJfdXJsPWh0dHBzJTNBJTJGJTJGdGgueTguY29tJTJGZ2FtZXMlMkZib2R5X3JhY2Uma2V5PXk4JnZhbHVlPWRlZmF1bHQiLCJkZXB0aCI6eyJ2YWx1ZSI6MX0sInRvcCI6eyJkb21haW4iOnsiZnJvbSI6Im9yaWdpbnMiLCJ2YWx1ZSI6InRoLnk4LmNvbSJ9fSwicGFydG5lciI6eyJkb21haW4iOnsidmFsdWUiOiJ0aC55OC5jb20iLCJmcm9tIjoicGFydG5lci11cmwifSwidXJsIjp7InZhbHVlIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwiZnJvbSI6InBhcnRuZXItdXJsIn19LCJwYWdlX3VybCI6InRoLnk4LmNvbSIsImdhbWVfaWQiOiJjYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMiIsImV2ZW50dHlwZSI6MiwidHMiOjE2OTU5ODUwOTMwMjJ9LCJ1YSI6eyJicm5tIjoiQ2hyb21lIiwiYnJ2cyI6IjExNy4wLjU5MzguMTMyIiwib3NubSI6IldpbmRvd3MiLCJvc3ZzIjoiMTAiLCJ3Ijo0NDgsImgiOjc2OH19

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-62-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-store, no-cache, private
content-length: 0
x-xss-protection: 0

GET
H2 200 dmp
tag.atom.gamedistribution.com/v1/ Frame 6E0F 0
0 43ms
35ms Fetch 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImhsLmNvbmZpZyIsImN0IjowLCJ2cnMiOiIxLjM1LjE4IiwidXJsIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwicmZyIjoiaHR0cHM6Ly90aC55OC5jb20vIiwidGRtbiI6InRoLnk4LmNvbSIsImRwdGgiOjAsImFyZ3MiOnsiZ2lkIjoiYm9keS1yYWNlLW9ubGluZSIsIm1kNSI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwicGlkIjowLCJwbm0iOiJXZWIgRW50ZXJ0YWlubWVudCBMaW1pdGVkIiwiY3RyeSI6IkRFIiwibGNsIjoiZW4iLCJobGUiOjEsImFkcyI6MSwiYXJncyI6eyJwYWdlX3VybCI6InRoLnk4LmNvbSIsImdhbWVfaWQiOiJjYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMiIsImV2ZW50dHlwZSI6MiwidHMiOjE2OTU5ODUwOTMwMjJ9LCJocmVmIjoiaHR0cHM6Ly9odG1sNS5nYW1lZGlzdHJpYnV0aW9uLmNvbS9jYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMi8%2FZ2Rfc2RrX3JlZmVycmVyX3VybD1odHRwcyUzQSUyRiUyRnRoLnk4LmNvbSUyRmdhbWVzJTJGYm9keV9yYWNlJmtleT15OCZ2YWx1ZT1kZWZhdWx0IiwiZGVwdGgiOnsidmFsdWUiOjF9LCJ0b3AiOnsiZG9tYWluIjp7ImZyb20iOiJvcmlnaW5zIiwidmFsdWUiOiJ0aC55OC5jb20ifX0sInBhcnRuZXIiOnsiZG9tYWluIjp7InZhbHVlIjoidGgueTguY29tIiwiZnJvbSI6InBhcnRuZXItdXJsIn0sInVybCI6eyJ2YWx1ZSI6Imh0dHBzOi8vdGgueTguY29tL2dhbWVzL2JvZHlfcmFjZSIsImZyb20iOiJwYXJ0bmVyLXVybCJ9fSwicGFnZV91cmwiOiJ0aC55OC5jb20iLCJnYW1lX2lkIjoiY2M0ZGM5ZmRmMjQ5NGMyZGFiMTVmZjE3Njc4ZDk2MDIiLCJldmVudHR5cGUiOjIsInRzIjoxNjk1OTg1MDkzMDIyfSwidWEiOnsiYnJubSI6IkNocm9tZSIsImJydnMiOiIxMTcuMC41OTM4LjEzMiIsIm9zbm0iOiJXaW5kb3dzIiwib3N2cyI6IjEwIiwidyI6NDQ4LCJoIjo3Njh9fQ%3D%3D

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-62-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-store, no-cache, private
content-length: 0
x-xss-protection: 0

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 28ms
28ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.loaded&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImN0cnkiOiJERSIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwicGxhdCI6IiIsInRwY3QiOjEsImFyZ3MiOnsibWVzc2FnZSI6Ik5vIEJsb2NrZXIifSwidHRsZSI6IkJvZHkgUmFjZSIsInNpemUiOiI0NDggeCA3NjgiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6IjExNyIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOnRydWUsImllZ3UiOnRydWUsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1695985093024
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:13 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 event
ana.headerlift.com/ Frame 6E0F 0
0 72ms
46ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ana.headerlift.com/event?page_url=th.y8.com&game_id=cc4dc9fdf2494c2dab15ff17678d9602&eventtype=1&ts=1695985093024
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuYFYHTs0hbxKysDBJtbfeed2ADbcTY3OMYrQC6neZUn7eReQsLD9ue4Mo96e0I70M9HhdfgAWrEXkQyqHbf2MfN80%2FKvszkn6N%2BwYU%2BOeIEkz%2B9rA0%2FR5cEx%2BDlWm16LD2my8EtgmCBxO8TGZ7z4aY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 80e3b5af9f571976-FRA
access-control-allow-headers: *
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 dmp
tag.atom.gamedistribution.com/v1/ Frame 6E0F 0
0 40ms
34ms Fetch 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImhsLmdhbWVwbGF5IiwiY3QiOjAsInZycyI6IjEuMzUuMTgiLCJ1cmwiOiJodHRwczovL3RoLnk4LmNvbS9nYW1lcy9ib2R5X3JhY2UiLCJyZnIiOiJodHRwczovL3RoLnk4LmNvbS8iLCJ0ZG1uIjoidGgueTguY29tIiwiZHB0aCI6MCwiYXJncyI6eyJnaWQiOiJib2R5LXJhY2Utb25saW5lIiwibWQ1IjoiY2M0ZGM5ZmRmMjQ5NGMyZGFiMTVmZjE3Njc4ZDk2MDIiLCJwaWQiOjAsInBubSI6IldlYiBFbnRlcnRhaW5tZW50IExpbWl0ZWQiLCJjdHJ5IjoiREUiLCJsY2wiOiJlbiIsImhsZSI6MSwiYWRzIjoxLCJhcmdzIjp7InBhZ2VfdXJsIjoidGgueTguY29tIiwiZ2FtZV9pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwiZXZlbnR0eXBlIjoxLCJ0cyI6MTY5NTk4NTA5MzAyNH0sImhyZWYiOiJodHRwczovL2h0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tL2NjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyLz9nZF9zZGtfcmVmZXJyZXJfdXJsPWh0dHBzJTNBJTJGJTJGdGgueTguY29tJTJGZ2FtZXMlMkZib2R5X3JhY2Uma2V5PXk4JnZhbHVlPWRlZmF1bHQiLCJkZXB0aCI6eyJ2YWx1ZSI6MX0sInRvcCI6eyJkb21haW4iOnsiZnJvbSI6Im9yaWdpbnMiLCJ2YWx1ZSI6InRoLnk4LmNvbSJ9fSwicGFydG5lciI6eyJkb21haW4iOnsidmFsdWUiOiJ0aC55OC5jb20iLCJmcm9tIjoicGFydG5lci11cmwifSwidXJsIjp7InZhbHVlIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwiZnJvbSI6InBhcnRuZXItdXJsIn19LCJwYWdlX3VybCI6InRoLnk4LmNvbSIsImdhbWVfaWQiOiJjYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMiIsImV2ZW50dHlwZSI6MSwidHMiOjE2OTU5ODUwOTMwMjR9LCJ1YSI6eyJicm5tIjoiQ2hyb21lIiwiYnJ2cyI6IjExNy4wLjU5MzguMTMyIiwib3NubSI6IldpbmRvd3MiLCJvc3ZzIjoiMTAiLCJ3Ijo0NDgsImgiOjc2OH19

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-62-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-store, no-cache, private
content-length: 0
x-xss-protection: 0

GET
H2 200 dmp
tag.atom.gamedistribution.com/v1/ Frame 6E0F 0
0 42ms
36ms Fetch 63.35.62.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImhsLmNvbmZpZyIsImN0IjowLCJ2cnMiOiIxLjM1LjE4IiwidXJsIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwicmZyIjoiaHR0cHM6Ly90aC55OC5jb20vIiwidGRtbiI6InRoLnk4LmNvbSIsImRwdGgiOjAsImFyZ3MiOnsiZ2lkIjoiYm9keS1yYWNlLW9ubGluZSIsIm1kNSI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwicGlkIjowLCJwbm0iOiJXZWIgRW50ZXJ0YWlubWVudCBMaW1pdGVkIiwiY3RyeSI6IkRFIiwibGNsIjoiZW4iLCJobGUiOjEsImFkcyI6MSwiYXJncyI6eyJwYWdlX3VybCI6InRoLnk4LmNvbSIsImdhbWVfaWQiOiJjYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMiIsImV2ZW50dHlwZSI6MSwidHMiOjE2OTU5ODUwOTMwMjR9LCJocmVmIjoiaHR0cHM6Ly9odG1sNS5nYW1lZGlzdHJpYnV0aW9uLmNvbS9jYzRkYzlmZGYyNDk0YzJkYWIxNWZmMTc2NzhkOTYwMi8%2FZ2Rfc2RrX3JlZmVycmVyX3VybD1odHRwcyUzQSUyRiUyRnRoLnk4LmNvbSUyRmdhbWVzJTJGYm9keV9yYWNlJmtleT15OCZ2YWx1ZT1kZWZhdWx0IiwiZGVwdGgiOnsidmFsdWUiOjF9LCJ0b3AiOnsiZG9tYWluIjp7ImZyb20iOiJvcmlnaW5zIiwidmFsdWUiOiJ0aC55OC5jb20ifX0sInBhcnRuZXIiOnsiZG9tYWluIjp7InZhbHVlIjoidGgueTguY29tIiwiZnJvbSI6InBhcnRuZXItdXJsIn0sInVybCI6eyJ2YWx1ZSI6Imh0dHBzOi8vdGgueTguY29tL2dhbWVzL2JvZHlfcmFjZSIsImZyb20iOiJwYXJ0bmVyLXVybCJ9fSwicGFnZV91cmwiOiJ0aC55OC5jb20iLCJnYW1lX2lkIjoiY2M0ZGM5ZmRmMjQ5NGMyZGFiMTVmZjE3Njc4ZDk2MDIiLCJldmVudHR5cGUiOjEsInRzIjoxNjk1OTg1MDkzMDI0fSwidWEiOnsiYnJubSI6IkNocm9tZSIsImJydnMiOiIxMTcuMC41OTM4LjEzMiIsIm9zbm0iOiJXaW5kb3dzIiwib3N2cyI6IjEwIiwidyI6NDQ4LCJoIjo3Njh9fQ%3D%3D

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.35.62.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-35-62-205.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: no-store, no-cache, private
content-length: 0
x-xss-protection: 0

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 35ms
35ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.loaded&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImN0cnkiOiJERSIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwicGxhdCI6IiIsInRwY3QiOjIsImFyZ3MiOnsibWVzc2FnZSI6Ik5vIEJsb2NrZXIifSwidHRsZSI6IkJvZHkgUmFjZSIsInNpemUiOiI0NDggeCA3NjgiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6IjExNyIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOnRydWUsImllZ3UiOnRydWUsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1695985093026
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:13 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 index.js Show response
pm.azerioncircle.com/@bygd/gd-sdk-air-dynamic/1.3.16/dist/pluto/iife/ Frame 6E0F 155 KB
50 KB 102ms
21ms Script
application/javascript 2600:9000:225a:6000:17:cf8d:4bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.azerioncircle.com/@bygd/gd-sdk-air-dynamic/1.3.16/dist/pluto/iife/index.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:6000:17:cf8d:4bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3480b4c8f384ad5fb7d71b577e094f3d83be5fa6fadbeb4a6897e72c30b9b3f5

Request headers

Referer: https://html5.gamedistribution.com/
Origin: https://html5.gamedistribution.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:01:12 GMT
content-encoding: gzip
via: 1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
age: 3421
x-guploader-uploadid: ADPycdvMs82QuruMcJf0fxq_y2LaV6bz7SlV0Z3gF6R_r-DAiUVo3FM7Uh0dNMRxjOVD0oB4sI2BioCTf0aALyyinmOM0kvORwcK
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-meta-surrogate-key: gcs
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 50764
last-modified: Wed, 12 Oct 2022 13:44:31 GMT
server: UploadServer
etag: "a803a3d022bcc08b8f323fcd1150501d"
vary: Accept-Encoding
x-goog-generation: 1665582271853777
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=4KZMbw==, md5=qAOj0CK8wIuPMj/NEVBQHQ==
access-control-expose-headers: Access-Control-Allow-Origin, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 50764
accept-ranges: bytes
x-amz-cf-id: IjVEoUxIA0b9h2i6vs80OYwv3HBMvDL036-r5LVoaOlKSNwEaLNsdw==
expires: Sat, 28 Sep 2024 10:01:12 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame B933 37 KB
14 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 09:05:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5EFA 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309250101&jk=79172713210901&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

POST
H2 204 pageview Show response
tracker.gamemonkey.org/v1/gamemonkey/track/gd/event/ Frame 6E0F 0
120 B 524ms
126ms XHR
text/plain 52.51.37.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.gamemonkey.org/v1/gamemonkey/track/gd/event/pageview
Requested by: Host: cdn.gamemonkey.org
URL: https://cdn.gamemonkey.org/gamemonkey-sdk-javascript/5.1.1/script/gamemonkey-sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.37.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-37-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://html5.gamedistribution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://html5.gamedistribution.com
date: Fri, 29 Sep 2023 10:58:13 GMT
x-cid: gamemonkey-74978fd5b-n7x4m
vary: Origin

POST
H2 204 b4fb5793-7557-409f-a1e5-b633edda70fa
tracker-v4.gamedock.io/v1/events-tracker/track/product/Game%20Distribution/user_id/ Frame 6E0F 0
0 439ms
45ms Fetch 54.154.17.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker-v4.gamedock.io/v1/events-tracker/track/product/Game%20Distribution/user_id/b4fb5793-7557-409f-a1e5-b633edda70fa
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.17.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-17-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: https://html5.gamedistribution.com
date: Fri, 29 Sep 2023 10:58:13 GMT
x-cid: gamemonkey-74978fd5b-bhvqq
vary: Origin

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/ Frame 6E0F 380 KB
129 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2316275586951220&plah=html5.gamedistribution.com&bust=31078215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e0f9a8ae73400bac075ed0f7c4e04d9adc82d2cd19496100b62a6303bd7714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131788
x-xss-protection: 0
server: cafe
etag: 8091343462175569078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/ Frame E3FB 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:17:59 GMT
etag: 2603938475786422795
expires: Fri, 13 Oct 2023 10:17:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 headerlift.min.js Show response
hb.improvedigital.com/pbw/ Frame 6E0F 197 KB
62 KB 55ms
7ms Script
application/javascript 2600:9000:2250:e200:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/headerlift.min.js?referer=th.y8.com
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e200:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da2b8bd4621fa033d24a0f4a7178fbf3d8dcc2ec28bccc687f2f540337e2acdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:16:46 GMT
content-encoding: gzip
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 2487
x-guploader-uploadid: ADPycdt6D1Rg_aS5D9EmZfUGATjaLGAJVJ9U8aO3vHQTiATSKjGB3TzLyRyAXDRCm2vfhpYITIuWqW3PAU7zlOoH7rJdoryP-B2I
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 63124
last-modified: Mon, 27 Mar 2023 13:15:12 GMT
server: UploadServer
etag: "6a4295309a0bd0ad590f677e7bfc562a"
vary: Accept-Encoding
x-goog-generation: 1679922912220684
content-type: application/javascript; charset=utf-8
x-goog-hash: crc32c=Ji1Zsw==, md5=akKVMJoL0K1ZD2d+e/xWKg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 63124
accept-ranges: bytes
x-amz-cf-id: OMVMWGB1m2pjMUlyZwcO6GCKZNX4VBkYYTS6P1VJyadqxICmqPdXHA==
expires: Fri, 29 Sep 2023 10:17:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B933 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4INKvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cc4dc9fdf2494c2dab15ff17678d9602-512x512.jpeg
img.gamedistribution.com/ Frame 6E0F 24 KB
24 KB 55ms
6ms Image
image/jpeg 99.86.4.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/cc4dc9fdf2494c2dab15ff17678d9602-512x512.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-107.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3ae05128dbaf24bed86a7837b28b9740275ffa3db823997dc0a7b47cb0ae074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 29 Sep 2023 09:13:22 GMT
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 09:17:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 6407
etag: "1cf59f3cd872567d7dd7759b1b5ba908"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 24402
x-amz-meta-last-modified: 1661179266000
x-amz-cf-id: ZfxvbaSm5L6ZCDTyoiQP6D3cmXqqWxoPBYEjcSrRHOXNSV2iEtv0cg==

GET
H2 200 opphb Show response
pub.headerlift.com/ Frame 6E0F 5 KB
1 KB 63ms
46ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=th.y8.com&page_type=gd&page_width=450&aid=cc4dc9fdf2494c2dab15ff17678d9602
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?referer=th.y8.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa55a36797c9822d62ff2e1eb190b2746aab1008ae228b160df6ff4a68e8dadb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
content-type: application/json; charset=utf-8
access-control-allow-origin: https://html5.gamedistribution.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVw2O5htcYYN9wyxkcu24oqzxOJ9qe%2BalzklUYcbWFbENrbD5xMhqJzTH%2B2rCcz%2FYFR%2B7v%2FGy%2FSSVqOYBm4LpfaxFE6EiWSWIbXUFLOhtn3xokYK%2BlTqsVIzrnYefd31iBmX5xglfg8M3HdCEFrC8R4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 80e3b5b0d90a1976-FRA
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-idhb-v7.35.min.js Show response
hb.improvedigital.com/pbw/prebid/ Frame 6E0F 542 KB
170 KB 7ms
7ms Script
application/javascript 2600:9000:2250:e200:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v7.35.min.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js?referer=th.y8.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:e200:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a53791bf6b783af22f18f89fd6cece8bec7c97f899d0a52593d7af7eba053bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 22 Sep 2023 20:29:38 GMT
content-encoding: gzip
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 570515
x-guploader-uploadid: ADPycduii6WvCFSRFsipYhn3WX1UxALGwaVhPAzGsTFE9LT5Z8gvAsYD_ItMcj1b24jQO0GqrFlFCNNwvTZj5Yz0Jwsy2Q
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 173114
last-modified: Wed, 01 Feb 2023 15:22:31 GMT
server: UploadServer
etag: "cc8348ad22bc7b1da00eb95556d1e626"
x-goog-generation: 1675264951543037
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=3/FA8Q==, md5=zINIrSK8ex2gDrlVVtHmJg==
cache-control: public, max-age=604800,no-transform
x-goog-stored-content-length: 173114
accept-ranges: bytes
x-amz-cf-id: tUlbAgcn9Bfe0sGy9tah6BJcYrVPRSuRZHxQI1PGrKKMx-ZyTjMvHg==
expires: Fri, 29 Sep 2023 20:29:38 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6E0F 358 KB
123 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125650
x-xss-protection: 0
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H2 200 debugging-standalone.js Show response
cdn.jsdelivr.net/npm/prebid.js@7.34.0/dist/ Frame 6E0F 24 KB
9 KB 50ms
18ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid.js@7.34.0/dist/debugging-standalone.js

Requested by

Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v7.35.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eb6effb5761cd47e3bee3b0918747a165d60476596678afe39182bcd3d449a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3992055
x-jsd-version: 7.34.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230059-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"5f6f-EYbaMIgWVavPTq3yV6gC2e7ddko"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjx%2FWyJlYc0NDs6BKkNDNmgT%2FRHuDeabA5PlfWjA8RGiyYAbKSa12FPvWsgnqsIkA8yMNYXdZYHYymYgNG2ifiZMe9bf5JqaMCSZzLymoJQ4hv9ovk1JR67WudLTeuikaqo0RdxxYsn5BbBeqpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 80e3b5b18b989273-FRA

GET
H2 200 bridge3.593.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame B7E6 723 KB
232 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.593.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 128779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237116
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 23:11:54 GMT
expires: Thu, 26 Sep 2024 23:11:54 GMT
last-modified: Wed, 27 Sep 2023 23:10:20 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6E0F 44 KB
17 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 60F2 40 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 29 Sep 2023 11:06:54 GMT

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 29ms
29ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.adblocker.flw&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImN0cnkiOiJERSIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwicGxhdCI6IiIsInRwY3QiOjEsImFyZ3MiOnsibWVzc2FnZSI6Im9rIn0sInR0bGUiOiJCb2R5IFJhY2UiLCJzaXplIjoiNDQ4IHggNzY4IiwiYnJubSI6IkNocm9tZSIsImJybWoiOiIxMTciLCJvc25tIjoiV2luZG93cyIsIm9zdnIiOiIxMCIsImJ5bGQiOmZhbHNlLCJpbWd1Ijp0cnVlLCJpZWd1Ijp0cnVlLCJpdGd1IjpmYWxzZSwiY21wZSI6ZmFsc2UsImhvc3QiOiJodG1sNS5nYW1lZGlzdHJpYnV0aW9uLmNvbSJ9XQ%3D%3D&ts=1695985093352
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:13 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame 6E0F 2 B
152 B 28ms
28ms Fetch
text/plain 54.195.243.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.adblocker.adapters&ar=W3siZ21pZCI6ImNjNGRjOWZkZjI0OTRjMmRhYjE1ZmYxNzY3OGQ5NjAyIiwidGRtbiI6InRoLnk4LmNvbSIsImRvbW4iOiJ0aC55OC5jb20iLCJyZnJyIjoiaHR0cHM6Ly90aC55OC5jb20vZ2FtZXMvYm9keV9yYWNlIiwibHRociI6MTIsImN0cnkiOiJERSIsImRwdGgiOjEsInZlcnMiOiIxLjM1LjE4IiwicGxhdCI6IiIsInRwY3QiOjEsImFyZ3MiOnsibWVzc2FnZSI6Im5vbmUifSwidHRsZSI6IkJvZHkgUmFjZSIsInNpemUiOiI0NDggeCA3NjgiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6IjExNyIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOnRydWUsImllZ3UiOnRydWUsIml0Z3UiOmZhbHNlLCJjbXBlIjpmYWxzZSwiaG9zdCI6Imh0bWw1LmdhbWVkaXN0cmlidXRpb24uY29tIn1d&ts=1695985093353
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.243.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-243-149.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 29 Sep 2023 10:58:13 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 101D 76 B
391 B 207ms
206ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&adk=1812271804&adf=3279755397&plat=1%3A16777728%2C2%3A16777728%2C3%3A66048%2C4%3A66048%2C8%3A512%2C9%3A33280%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&channel=4089988593&format=0x0&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093137&bpp=3&bdt=649&idt=220&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&nras=1&correlator=5705232052806&rume=1&frm=24&ife=1&pv=2&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.qpyx2jtlbm5e&fsb=1&dtd=233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2316275586951220&plah=html5.gamedistribution.com&bust=31078215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:13 GMT
expires: Fri, 29 Sep 2023 10:58:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gdsdk__splash&ign=false&pw=450&ph=800&x=0&y=715

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
20 B 52ms
51ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gdsdk__splash&ign=false&pw=450&ph=800&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6E0F 16 KB
12 KB 57ms
56ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230927&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a4c463d07697837ce225ab662fdb639f84b557e6a24db4f98c3be78667d628c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12086
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309151607000/ Frame 2C16 223 KB
62 KB 60ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 323235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62227
x-xss-protection: 0
server: sffe
etag: "41242159531b2c89"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2C16 15 KB
5 KB 71ms
18ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 323235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "62ebb0de0df26f82"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2C16 94 KB
28 KB 72ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 323235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29001
x-xss-protection: 0
server: sffe
etag: "c5564a9c7a93c19c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2C16 5 KB
2 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 323235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1915
x-xss-protection: 0
server: sffe
etag: "dde9f9175af3842f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309151607000/v0/ Frame 2C16 40 KB
13 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309151607000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 25 Sep 2023 17:10:58 GMT
age: 323235
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "97cee024b23d3389"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 24 Sep 2024 17:10:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2C16 4 KB
1 KB 46ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309250101/pubads_impl.js?cb=31078219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 09:59:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2C16 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 02:43:32 GMT
x-content-type-options: nosniff
server: cafe
age: 29681
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Sat, 30 Sep 2023 02:43:32 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2C16 344 B
368 B 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 14392
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 30 Sep 2023 06:58:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/17098395588872322434/ Frame 2C16 28 KB
28 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17098395588872322434/14763004658117789537

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f88cca171fe919c301685893d8da2375ce02125266be32dac2ee6f1427c392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 09:07:44 GMT
x-content-type-options: nosniff
age: 352229
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29139
x-xss-protection: 0
last-modified: Sun, 03 Sep 2023 16:28:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 24 Sep 2024 09:07:44 GMT

GET
DATA 200
OK truncated
/ Frame 2C16 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2C16 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d9598152c7a4fdeca348f6bf899257002503a79be439ceb45b4d7447d466baa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E0F 17 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2C16 16 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 235919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Sep 2024 17:26:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2C16 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://th.y8.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options: nosniff
age: 151674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 16:50:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2A56 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3939
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 09:52:34 GMT
expires: Sat, 28 Sep 2024 09:52:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D16 829 B
769 B 16ms
15ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a3a0ae5b1050775cb41be94a4223d81c8c855ac5b4082a6f4aa0ef1661691b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KCOZHMgL9CLapKenOtAV5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KCOZHMgL9CLapKenOtAV5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:13 GMT
expires: Fri, 29 Sep 2023 10:58:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 th.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2C16 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/th.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 02:43:32 GMT
x-content-type-options: nosniff
server: cafe
age: 29681
etag: 12800268860518071124
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3306
x-xss-protection: 0
expires: Sat, 30 Sep 2023 02:43:32 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2C16 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309151607000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 06:58:21 GMT
x-content-type-options: nosniff
server: cafe
age: 14392
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 30 Sep 2023 06:58:21 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/ Frame 6E0F 90 KB
31 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/slotcar_library_fy2021.js?bust=31078215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c821dce4e1cccae92997bd66e416d69bef5f3b4236eb3604561eb574736157f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31658
x-xss-protection: 0
server: cafe
etag: 862705645507129905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D16 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230927&jk=1779559608651120&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2C16 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-1e6xK0WZbjzNoGI9u8P6uC86A61x9mgc8jKlf_PEfnOi7OiDhABIKHvxilgleKQgqAHoAGIhIT7KcgBCakCrebOtjfAsT7gAgCoAwHIAwqqBP4BT9DvA3WSG6scCyQInXqZnxUfJiSokSiKE6eyD6GOzWW7Ghv-fSj1kjYUJud5wvtq7346UCP_xKcwW1TWvt_YGcc4U2B3DraosXDrZAXE8v3JCtXOEiPYp2x7JY7K0YRc30Nrl7YswjkK8nKpub-6rqqnbgMEBScf6YBtYLK38atcsFegkYhdQMzoNLIsqqOPcDDTGKd_Px4mPhxjGtgo-41zL7zlgbMBjVx01LOkm_fofmEZX48old13GmMzqRVKAGP8h4HndPeKUO2LXWV2Gjp_MByh44w_Gec_P5R0DlXecFQ7_DUFLKHKc9Re1lLDStNAmzOloQrYZYf0i0fABL_09NHIBOAEAYgF1tK53kySBQQIBBgBkgUECAUYBKAGLoAHiLzU2gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDN8wLSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkZaHR0cHM6Ly9xdWVzdHRpcHMuY29tL2RzcoAKAcgLAeINEwjl24Xo1M-BAxUBhP0HHWowD-3YEw3QFQGAFwGyFx4KHAgAEhRwdWItNjEyOTU4MDc5NTQ3ODcwORiZphU&sigh=vr64aKi8jjo&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNk5VqjgOA3KkmK-ton6jiS3clW8u0O61-hWKNKdLOANJfIZ10MoUtXksIWCkOdb0lA3-UjEponvYfAHICT-ocFrrRlkNJiGMYAQ&template_id=5000&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A56 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Sep 2024 09:05:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&preloadAdBreaks=on&sound=on&onReady=false&event=adcf_cl&client=ca-pub-2316275586951220&bow_v=r20230927&js_v=m202309250101&fetcher=adsense&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1A77 168 KB
51 KB 446ms
446ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=2873238072&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093753&bpp=2&bdt=1264&idt=2&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lknzhm10vs68&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c68b061fd5c2462f8aebcedeeec1a8fc11f66fe1c1aebc8bebcd25713af161e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 51747
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 079C 185 KB
54 KB 456ms
456ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

101a1c099fb1828888d1dc28b46a68194846fe7a4ade528bc966cae666ffc95c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://html5.gamedistribution.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 55141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309250101&jk=79172713210901&bg=!i4iliMfNAAYEJRtnJCU7ADQBe5WfOCn658EoZX-IX7rjmRG1sjQbU-0EBEhNG24YzXygmyvJf-fVkfQliOjhGkCulWIQAgAAAINSAAAABWgBBwoANjJNiMOmkjc2-CAhixAVfQDJ1jK_Ha_pmh9y53eai6zPLFPJbtydkWH7SMH4stL0VcO1pmJFWZkCr1ILMQA56QX9RDeHxBLOZwBgfEcY6YlC7h8ftgtTlMhGqJsw2YEX1f0sbDBn31Wg7ijmJFpJt2qzUCPRfTQaxck94nsiB4V3Dd-HNnVbrTh7826I6M2zod2pKcH9_NTxxpmX6YqsMQQzl7KDpLGMkweBOUUMr63w_tim4KT4slpvXIdmr-QkujMuS3kFacCw4kPUAKL6A4sYHWpH9cMkZyUpXUkgMZ7zVQn7ka3WZoOTEk-rZDFbd4EI9LeYkRc3vnnA3pFe69HPm-1yu9vQKmm1L7ZY9wR4AKIqyeL3b0pG356clRhJD9f-WmY8aTRC27D8dq7RfWygANtRQh2oHkFVJ_jLZntcg3nAMRpQ7dlrDRgQPqK1qmSyVsZCfWP7L_twAnbo4Lw1pa_Qbm5oTSBs_3RIBFM93y4c6U-e2NuMna3wBGWwlzZErdlDHWwB4X2AXGsxTxL-n35rftuaN2sm-_CkzHe1mDGVgl-sGNne87E17higqvs0q-psRQ3ig9NYxTH8Lo-aV3M8n-Z-2IW4y9B0pGqyqcYk8iSZ0N0On25jhp09JSoTk91waOr7S4jFg4QptTUwPKoeYaadBbQwwsyfoxCfAXUZ8liW61D60XOe0KRtmw-m4vO76EQ8o5XLSjxgfI3kvuO927Vi2uN2orFjV8Sd6lq5vR0AFTLjWUUsjysQmWDbBYaAD7o1bpBTaUKqMzdocZlDg0EKeaVVnt3vJ3MjvQO3ezjXQuH7g5wqEPXAuTgpEq4_BgO5BM92JLR5IJwCGzs6VDMVlz5beX8gS4w_641oz4dgI5JEalCJKP1978RiqOSIBnrvYn40EiB4zZmcTdMoVbfqkOTTV0IS-0TG9jaRM0tQ6agejhrX02eXzUEbjzHYhrUwGTvg3F8n-RQm4KthduHWkA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2A56 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jyghEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
0 42ms
42ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/slotcar_library_fy2021.js?bust=31078215
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://html5.gamedistribution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
0 40ms
40ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://html5.gamedistribution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame 1A77 4 KB
767 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=2873238072&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093753&bpp=2&bdt=1264&idt=2&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lknzhm10vs68&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 09:58:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 10:58:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A77 205 B
651 B 35ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 265736
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Sep 2024 09:09:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A77 604 B
695 B 35ms
7ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:19:53 GMT
x-content-type-options: nosniff
age: 160701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Sep 2024 14:19:53 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 1A77 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 17:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 17:10:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 079C 2 KB
570 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 09:58:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 10:58:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 079C 604 B
663 B 13ms
8ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 14:19:53 GMT
x-content-type-options: nosniff
age: 160701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Sep 2024 14:19:53 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 079C 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 17:10:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 17:10:26 GMT

GET
H3 200 countdown_handler_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/ Frame 079C 18 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/elements/html/countdown_handler_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376404b001b2494520956f1b3672b794e22b1982b23ed57a97e50a6a73a29caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 07:03:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7440
x-xss-protection: 0
server: cafe
etag: 5262339352073800795
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 07:03:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2984 14 KB
1 KB 21ms
21ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 09:56:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 10:58:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2984 2 KB
892 B 12ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:48:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 2984 23 KB
9 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:48:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C01C 143 B
166 B 12ms
11ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=2873238072&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093753&bpp=2&bdt=1264&idt=2&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lknzhm10vs68&fsb=1&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2984 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 09:05:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 86EE 1 KB
643 B 15ms
11ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 07:55:25 GMT
etag: 48472445140208031
expires: Sat, 30 Sep 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 2984 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:48:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2984 0
0 19ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT79Bw39zcAXe6IIXyCHOk9KTfJ5_H84ItddXtktLliBwX6L1T6PrnJhvFf1tmfuTAJkpqyFDtIaSLms6QQBiB8w9iFcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=2873238072&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093753&bpp=2&bdt=1264&idt=2&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0&nras=2&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=2.lknzhm10vs68&fsb=1&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2984 182 KB
58 KB 84ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:14 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 2984 36 KB
15 KB 20ms
2ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H3 200 7a9087b9716ee70ebefd221ff96707f0.js Show response
www.gstatic.com/mysidia/ Frame 84F6 9 KB
4 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a9087b9716ee70ebefd221ff96707f0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H3 200 e90fa93b117dc424f62dd20c7a276c74.js Show response
www.gstatic.com/mysidia/ Frame 84F6 11 KB
5 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e90fa93b117dc424f62dd20c7a276c74.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86ba91ffdcece964d969b05cff1c7b3b94532e589870491f0714f6da82844971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 20:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4835
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Dec 2023 20:40:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 84F6 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 29 Sep 2023 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 09:56:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Sep 2023 10:58:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 84F6 2 KB
892 B 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:48:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/ Frame 84F6 23 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:48:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 84F6 3 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 09:05:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Oct 2023 09:05:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/ Frame 84F6 20 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 16:48:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65356
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8282
x-xss-protection: 0
server: cafe
etag: 5314254467506293444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 16:48:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 84F6 0
0 18ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRyeu_DzAVgK8wGgQJNI0sw7uJf4-dyHymZdA2wqV9oGeRo2HUtppIWLE2x3gCTIBlngx1fdkgZqtyeATC3etE7kl9ZA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 84F6 182 KB
57 KB 63ms
48ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58285
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695814262870679"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 10:58:14 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 84F6 36 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 20:14:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 10:18:01 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86EE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOIsc9mwDWrUgnOi30aCorc&google_push=AXcoOmT6qwzqrFelhYAbm3r-37pDdFS9-tQYaprCdEORguhdYKwECG6q5K...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOIsc9mwDWrUgnOi30aCorc&google_push=AXcoOmT6qwzqrFelhYAbm3r-37pDdFS9-tQYaprCdEORguhdYKwECG6q5KhCyMZ6V-HUFsjV8trf2T22gUSKvGHDwOks5aAsjnOTNt2I

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230124-FRA
pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1695985094.407189,VS0,VE95
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOIsc9mwDWrUgnOi30aCorc&google_push=AXcoOmT6qwzqrFelhYAbm3r-37pDdFS9-tQYaprCdEORguhdYKwECG6q5KhCyMZ6V-HUFsjV8trf2T22gUSKvGHDwOks5aAsjnOTNt2I
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86EE
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKTIfIh6bB2X2k1MxsL6fYg&google_cver=1&google_push=AXcoOmTtkiTsPImP7vqVxmYDR7h0Biecx7-OacMEjGSHe7G2WD2JEQC-8gjvM1FfGRKZ-UHbqgNzLJyCN6QeFugg9wZXGfASixLfSP4
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmTtkiTsPImP7vqVxmYDR7h0Biecx7-OacMEjGSHe7G2WD2JEQC-8gjvM1FfGRKZ-UHbqgNzLJyCN6QeFug...

170 B
232 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmTtkiTsPImP7vqVxmYDR7h0Biecx7-OacMEjGSHe7G2WD2JEQC-8gjvM1FfGRKZ-UHbqgNzLJyCN6QeFugg9wZXGfASixLfSP4

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 29 Sep 2023 10:58:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmTtkiTsPImP7vqVxmYDR7h0Biecx7-OacMEjGSHe7G2WD2JEQC-8gjvM1FfGRKZ-UHbqgNzLJyCN6QeFugg9wZXGfASixLfSP4
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 28 Sep 2023 10:58:14 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86EE
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJN0ObrqVr1urWPhn2kE0wc&google_cver=1&google_push=AXcoOmSdA3n4AP-ARpEeJ_o5OyvEn2LXR0oT9F8MLxGQ4nQDT53C2oje6mdC8NF0Tr5OizZDmNNSxU2by-i...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSdA3n4AP-ARpEeJ_o5OyvEn2LXR0oT9F8MLxGQ4nQDT53C2oje6mdC8NF0Tr5OizZDmNNSxU2by-iqMi2pQBYdZ_M81txm7RMf&google_hm=TsQidrS0T1-cTsm4...

170 B
232 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSdA3n4AP-ARpEeJ_o5OyvEn2LXR0oT9F8MLxGQ4nQDT53C2oje6mdC8NF0Tr5OizZDmNNSxU2by-iqMi2pQBYdZ_M81txm7RMf&google_hm=TsQidrS0T1-cTsm4fM4ei0o

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSdA3n4AP-ARpEeJ_o5OyvEn2LXR0oT9F8MLxGQ4nQDT53C2oje6mdC8NF0Tr5OizZDmNNSxU2by-iqMi2pQBYdZ_M81txm7RMf&google_hm=TsQidrS0T1-cTsm4fM4ei0o
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 86EE
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESECk64G0k_aTjlI6eYMDHh38&google_cver=1&google_push=AXcoOmROBqyjQKGPT_WEVKYqyiF9vPKHe1ZUszsvFhh1LIsrGwktUvKnO6NU60VZep8VtCzaanWH1c6aJxf3wU...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwMDUxMzI0NTM0NTk0Mw%3D%3D&google_push=AXcoOmROBqyjQKGPT_WEVKYqyiF9vPKHe1ZUszsvFhh1LIsrGwktUvKnO6NU60VZep8VtCzaanWH1c6aJxf3wUJZpd...

170 B
329 B

18ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwMDUxMzI0NTM0NTk0Mw%3D%3D&google_push=AXcoOmROBqyjQKGPT_WEVKYqyiF9vPKHe1ZUszsvFhh1LIsrGwktUvKnO6NU60VZep8VtCzaanWH1c6aJxf3wUJZpdLVSb991v3N5E4

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI4NDIwMDUxMzI0NTM0NTk0Mw%3D%3D&google_push=AXcoOmROBqyjQKGPT_WEVKYqyiF9vPKHe1ZUszsvFhh1LIsrGwktUvKnO6NU60VZep8VtCzaanWH1c6aJxf3wUJZpdLVSb991v3N5E4
Date: Fri, 29 Sep 2023 10:58:14 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 86EE
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEJyIuVg5CRCQ0-rt95m7Y8I&google_cver=1&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJyIuVg5CRCQ0-rt95m7Y8I&google_cver=1&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3u...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR7YycGIZy-

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR7YycGIZy-

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSkQSQrEGaXMy8JTmGq97FIakhIjVHfNuM0YKyo4_QEbdVjO5Rd8iK8bG4Hz7pK0a4MKCSYOGLQxp1F3GbquLh3uxR7YycGIZy-
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 86EE 43 B
363 B 60ms
17ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTMY96TplBgJOqX7mwG3yTDCGIm9aMELR3xMIzffMGYoJ9e0hwtL-MQZu0UpWGfGj1eOznqivi_HgkK1z33JgjDXDXoe1p2egs&google_gid=CAESEH5GK4h1hmhxj6YFIzNJtac&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:13 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 321191
expires: Fri, 29 Sep 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 86EE
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEH4nMPAuQuso...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRKhrZOb09Gmjzu7iR5BUFH3usnnH7FZt8hwVM6E51GCHX_e6iN_-F74uvwN_2aF5CkK73L1f979ihk_ZaJYEBCG1KezFH33vJGBw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

41ms
40ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Fri, 29 Sep 2023 10:58:14 GMT
pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 86EE 0
130 B 55ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LNH8TU4M5BhmuMPghE0EkUZu78sTibtFwv_RagqfRBkBKl-JtgfsSL9i6lJCeD6CttvWoydQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C01C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:14 GMT
expires: Fri, 29 Sep 2023 10:58:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9D7C 143 B
166 B 14ms
9ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0DE8 1 KB
643 B 9ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10969
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 07:55:25 GMT
etag: 48472445140208031
expires: Sat, 30 Sep 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
0 46ms
45ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230927&jk=1779559608651120&bg=!bm2lbSLNAAYEJRtnJCU7ADQBe5WfODBk0bKlK6k0EhW_F54-iv0kPqAz2ekFdEbLUHrLkwTdTpwVFEXhHAFrcXhxO9EYAgAAAHtSAAAACWgBB5kC3ubqIQohxfakOUterSl33p1ed7yUXlcQy-DjyR0kEaiJhd6W8ckX8AMpVpw-BB168VIoGvbfHFGY3JZeD0oAE-wLnkQXbVoHt-JXQZzatjoIghYQxJe-6iX7ZgclydK4vAL4IMBjYiToeklXO6M2Yl0iJcWICQGa__FASepPubFoJhHfpu4JYj8UtvhnwH5SUWz9Jt6CJcwDq_FRb_5KTGF4BIK8OMHsluKnsEVgKaa7cJlK3uZiI6h5a2E143UbJ51UeprPpx86N8gpasOEzvJrxSoRKDFRyu44IQP02SdEr6cdog7ve_QH-Wn5danjGAkpsqTdGHsEhZaQzr8_iJ5o8vqR4v840omuzTRAvMkl3eUPhjDb04ZOhHEWJPvkul4MnWnSU_C1K8QevAUh0Q4Bi2M_JOC6DcY29C6O5yWv1ZypZ0NUTon_MQWDJrzQssKdD0l3eZdeEjGWyvGjG9uqHjXf2z4LcP44vz8II2C9qtCAWdBEUGIPIDxGhNEBSySOvwloL1gKxKzFzavV6v-A7DVXDWP4yPTZPqZJACG-yjyaLeZ55ApqFvIMerbmj4Mtv7wvuFp-KtDN1ZU1pKCo8YVkU7Kcjs3if_1jRf2gI2lNiG5y6bw9VNjkB9vCgscATGtx6cAfwuDM_qcv_xGSmOZuRwl3bD1Q_lH_z9ZRXvT5OecY9NwaytCeRKSnTLFVwJkaQj2-9LZSVlpd35Ra85c10dBa76F0yQID6FUQpWopOiMdwCjlPkduYmHFhsVdPDgMBfn0u5z0JysFjeSTPjV9z8qmjYkzEZboMTx-O2sx2NyLE4OUKEalEvO4JV5Il00WjtzrKiN6jAd4Bk4tphIZbjfXamXGCAMPkDglTa1k9uKzjdjKjlO15TGCFRuI8mKQcncup03klfrEVsqpEPNXyerNQ-74sTeghk5JSPW_af054DEjO85Rl-N6zd2dMpZtczTskyIi4HQI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=2&src=1&stats=1&timing=749&event=prf_suc&client=ca-pub-2316275586951220&bow_v=r20230927&js_v=m202309250101&fetcher=adsense&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=slotcar&type=1&src=1&stats=1&timing=768&event=prf_suc&client=ca-pub-2316275586951220&bow_v=r20230927&js_v=m202309250101&fetcher=adsense&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0DE8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIPg3DsPv8CyZsTgmD59iLc&google_cver=1&google_push=AXcoOmSmnQ_WmoZ8CaABEnbDI7-Va4ADbQjAJlVIJsd8aPReq0XPGPfEv5zFsUmYw3oPNx6haodqvcjzrlQl3fsrfFzdF825UZi-Syi6
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQ5Mjc2MjA1MDIxNDEwMjAzOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPg3DsPv8CyZsTgmD59iLc&google_cver=1

43 B
398 B

53ms
25ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPg3DsPv8CyZsTgmD59iLc&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEIPg3DsPv8CyZsTgmD59iLc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0DE8 35 B
464 B 39ms
8ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHlDcssoZd2IK3tWjAlRHDo&google_cver=1&google_push=AXcoOmS8dUk-jHJHQtdToocTv7YURhFYHKBPblza6bZtWYGNAwsezubNDh_OHvqfGnARtergjGlrprvXdLVYjF2ZIQRRnSBJ24QPPObU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DE8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFNBZ0JQSUYxUU1iY2k1&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cver=1&google_push=AXcoOmQrqEV0KHRqltXXIGDzBjEU4dI1lynliJG-BT8ci0p...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFNBZ0JQSUYxUU1iY2k1&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cver=1&google_push=AXcoOmQrqEV0KHRqltXXIGDzBjEU4dI1lynliJG-BT8ci0pMhvVnv-Qol9IO0P6j-o_vC1ZgWKV3bSvMuB1c8eSKQ6dQYTCBeE_uRBaP

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Sep 2023 10:58:13 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-789-g976496f#rel-ec2-master i-09020254b0ff1bdd0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VFNBZ0JQSUYxUU1iY2k1&google_gid=CAESEDeFdPbUQfSINbA0THNj-Xw&google_cver=1&google_push=AXcoOmQrqEV0KHRqltXXIGDzBjEU4dI1lynliJG-BT8ci0pMhvVnv-Qol9IO0P6j-o_vC1ZgWKV3bSvMuB1c8eSKQ6dQYTCBeE_uRBaP
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DE8
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKTIfIh6bB2X2k1MxsL6fYg&google_cver=1&google_push=AXcoOmQAkV_9yJgv3ubw9JnXag9E8oPto6S-APK37ckHI7igattVdgpZurF877x3ssA4TFexkuyKKnYq6-aKlv4DPI9vkzHxltyNFXO3
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmQAkV_9yJgv3ubw9JnXag9E8oPto6S-APK37ckHI7igattVdgpZurF877x3ssA4TFexkuyKKnYq6-aKlv4...

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmQAkV_9yJgv3ubw9JnXag9E8oPto6S-APK37ckHI7igattVdgpZurF877x3ssA4TFexkuyKKnYq6-aKlv4DPI9vkzHxltyNFXO3

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 29 Sep 2023 10:58:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CEDEF35E4763416A8452DC421D989789&google_push=AXcoOmQAkV_9yJgv3ubw9JnXag9E8oPto6S-APK37ckHI7igattVdgpZurF877x3ssA4TFexkuyKKnYq6-aKlv4DPI9vkzHxltyNFXO3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 28 Sep 2023 10:58:14 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 0DE8 70 B
149 B 111ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELtl60LDHdAaWyFuIBYv2Es&google_cver=1&google_push=AXcoOmRLV4D7fax4_FmS9DfSe9qTtAzSErXsRks-lCen9ydrkGtfWiP3BofXPwb8dc2CIYOU_2F9F3_By6Q9H8zUcPVi2i4ANoa_IEw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DE8
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBYrixLSwCP7G7x-11YIpd4&google_cver=1&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J4Q...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBYrixLSwCP7G7x-11YIpd4&google_cver=1&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzY0NDQyNDM0ODk4OTIxNg&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzY0NDQyNDM0ODk4OTIxNg&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J4QypkdRc9DbkJsyprEZnAUBMRF

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQxNzY0NDQyNDM0ODk4OTIxNg&google_push=AXcoOmR5F90jZwN9LsKwTmO2WvFVAlL3kFWSpqxiqqv_oZDMO0RuvXYiRROQNgrmVByZ1DHNGM1H_J4QypkdRc9DbkJsyprEZnAUBMRF
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DE8
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEACVIyDeNAicA2RuQKR57-s&google_cver=1&google_push=AXcoOmSs7I5KzwsFATjGHPvN28Z4fQmVG5SnSgwwhffu6pR2JHdFa29DPTYYCiQDXR...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSs7I5KzwsFATjGHPvN28Z4fQmVG5SnSgwwhffu6pR2JHdFa29DPTYYCiQDXRYbB1CWJA9d0to3ZGz5RRV_I5yWKCnK32ZjTMyxiQ&google_...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSs7I5KzwsFATjGHPvN28Z4fQmVG5SnSgwwhffu6pR2JHdFa29DPTYYCiQDXRYbB1CWJA9d0to3ZGz5RRV_I5yWKCnK32ZjTMyxiQ&google_hm=TsQidrS0T1-cTsm4fM4ei0o

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSs7I5KzwsFATjGHPvN28Z4fQmVG5SnSgwwhffu6pR2JHdFa29DPTYYCiQDXRYbB1CWJA9d0to3ZGz5RRV_I5yWKCnK32ZjTMyxiQ&google_hm=TsQidrS0T1-cTsm4fM4ei0o
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0DE8 0
12 B 18ms
17ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JCEUqsjFQW8R_01uL9CW3SqUY8k1jgmXHIAtdsfhah5o1Tkyuj_xjL3WPIzoRVLgVW0HLatw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3581 38 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: th.y8.com
URL: https://th.y8.com/games/body_race

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:08 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 2984 61 KB
23 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23301
x-xss-protection: 0
server: cafe
etag: 14399278723672461634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:57:13 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9D7C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:14 GMT
expires: Fri, 29 Sep 2023 10:58:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 10:58:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FBF 38 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AZPNdPW41i0A735LXHzaEcWTfL_m62UD5mZxauhIRCQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 19:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228006
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14917
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Sep 2024 19:38:08 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 84F6 61 KB
23 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2316275586951220&output=html&h=800&adk=792072791&adf=1300378861&w=450&vpmute=0&channel=4089988593&format=450x800&url=https%3A%2F%2Fth.y8.com%2F&ea=0&pra=3&wgl=1&fa=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1695985093761&bpp=1&bdt=1273&idt=1&shv=r20230927&mjsv=m202309250101&ptt=9&saldr=aa&prev_fmts=0x0%2C450x800&nras=3&correlator=5705232052806&rume=1&pv_ch=4089988593%2B&frm=24&ife=1&pv=1&ga_vid=703023347.1695985093&ga_sid=1695985093&ga_hid=1918410299&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=450&ish=800&ifk=500929938&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C31078215%2C21065724%2C31061691%2C31061693&oid=2&pvsid=1779559608651120&tmod=1915005458&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C800&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=3&uci=3.ebm642bzzb24&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:57:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23301
x-xss-protection: 0
server: cafe
etag: 14399278723672461634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 11:57:13 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 6E0F 0
0 42ms
41ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309250101/slotcar_library_fy2021.js?bust=31078215
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://html5.gamedistribution.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 2984 0
54 B 101ms
24ms Ping
image/gif 2a00:1450:400a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ln4hqi9i&chm=1&ctx=2&gqid=xa0WZYP0Lr6L1PIPtNKowAw&qqid=CKzDvOjUz4EDFUaHgwcdeAAPYg&met.4=fb.19~lb.3b~cmrload.41~ol.93~bdt.-1bz~bpp.-ct~idt.-ct~dtd.-cq~dt.-cv&met.3=492.1k_1~518.3y~733.6t~748.79~742.6t_i~739.7c~555.8f~556.8f_1~738.91~749.92_2~113.c0_4~113.c4~112.by_6&met.1=1.ln4hqhxk~14.0~15.0~16.0~17.0~18.0~19.1~20.1~21.1~1.ln4hqhkv~6.0~7.1~8.1~9.1~10.1~11.1~12.1~13.cf~14.cl~15.ch~16.ff~17.ff~18.ff~19.ls~20.ls~21.ls&met.7=CAUQCBgBMAE4AQ~CBIQBxgBIC8oLzBNOB5oMHBFeNwLgAGwCYgB7W2qARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIDcoNzBMOBVoOHBDeI0JgAHhBogBkA6wAQG4AQM~CAkQChgBIDkoOTBMOBNoOXBEeNtJgAGvR4gB3LcBsAEBuAED~CCgQBRgBIDsoOzBNOBNoPHBHeL0DgAGRAYgBjwGwAQG4AQM~CB4QChgBIDsoOzBNOBJoO3BGeIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIDwoPDBROBVoQnBOeJYHgAHqBIgBlgmwAQG4AQM~CBwQChgBIDwoPDBROBVoPXBLeIZDgAHaQIgB3ZwBsAEBuAED~CBsQBhgBID0oPTBTOBY~CE0QChgBID0oPTCeAThgQEFIUVBRWGlgV2htcJQBeNnJA4ABrccDiAGksQuwAQG4AQM~CBsQChgBID4oPjBVOBg~CCgQChgBINoCKNoCMOkCOA9o3AJw6AJ4sbgBgAGFtgGIAezoA7ABAbgBAw~CAUQCBgBMMUDOJAGaAFwvwN4z5YDgAGjlAOIAebACqABt_z_________AbABAbgBAw~CBIQBxgBIMMDKMMDMNUDOBJoxANw1AN4rweAAYMFiAG8I6ABt_z_________AaoBFQoTUm9ib3RvOndnaHRANDAwOzcwMLABAbgBAw~CBsQBhgBINEDKNEDMPcDOCY~CBsQBhgBINEDKNEDMPcDOCY~CEsQChgBINEDKNEDMN4DOA1o1wNw3QN4okWAAfZCiAH4ogGgAbf8_________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:800::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 84F6 0
234 B 88ms
24ms Ping
image/gif 2a00:1450:400a:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ln4hqib1&chm=1&ctx=2&gqid=xa0WZdiqL97BgAen1aD4AQ&qqid=CPyUwejUz4EDFRWJ7AodyUYOcA&met.4=fb.20~lb.4j~cmrload.82~ol.8x~bdt.-1cj~bpp.-d5~idt.-d5~dtd.-d3~dt.-d6&met.3=492.4c_1~518.4s~733.53~748.5y~742.52_z~739.65~555.7j~556.7j_3~738.8w~749.8w_1~113.cy_1~113.cz~112.cy_2&met.1=1.ln4hqhy3~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.ln4hqhl1~6.1~7.1~8.1~9.1~10.1~12.1~13.cp~14.cx~15.ct~16.ge~17.ge~18.ge~19.m0~20.m0~21.m0&met.7=CAUQCBgBMAE4AQ~CBsQBxgBIEgoSDBWOA4~CBsQBxgBIEgoSDBWOA4~CBIQBxgBIEooSjBcOBFoS3BbeNwLgAGwCYgB7W2qARUKE0dvb2dsZSBTYW5zOjQwMCw1MDCwAQG4AQM~CBwQChgBIEsoSzBZOA9oTHBWeI0JgAHhBogBkA6wAQG4AQM~CAkQChgBIEsoSzBaOA9oTHBXeNtJgAGvR4gB3LcBsAEBuAED~CB4QChgBIEsoSzBaOA9oTHBYeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIEsoSzBaOA9oTXBXeIZDgAHaQIgB3ZwBsAEBuAED~CBsQBhgBIEsoSzBdOBI~CE0QChgBIEsoSzCPAThEaFpwiwF42ckDgAGtxwOIAaSxC7ABAbgBAw~CBsQChgBIEsoSzBaOA8~CCgQBRgBIJ8BKJ8BMK8BOBBopAFwrQF4vQOAAZEBiAGPAbABAbgBAw~CBwQBRgBIKABKKABMKsBOAxopAFwqgF4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBINACKNACMNsCOAto0QJw2AJ4sbgBgAGFtgGIAezoA7ABAbgBAw~CAUQCBgBMNEDOJcGaAFwyQN4kbEDgAHlrgOIAdHIC6ABqvz_________AbABAbgBAw~CBIQBxgBIM8DKM8DMOkDOBpo0QNw5wN4ygaAAZ4EiAG2EKABqvz_________AaoBCAoGUm9ib3RvsAEBuAED~CBsQBhgBIOUDKOUDMPIDOA0~CEsQChgBIOUDKOUDMO0DOAho5QNw7AN4okWAAfZCiAH4ogGgAar8_________wGwAQG4AQM~CBwQChgBIOUDKOUDMO4DOAlo5gNw7gN4vDyAAZA6iAG1kAGgAar8_________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:800::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2C16 42 B
64 B 44ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwBXtpF0eUkyq7WvteODwXuktcbWB0W8ip1HzSFF-HYZ160RwWtHQ0fYtRJqMv_Ot6GrrHOYoAShl7l7MaOp4zBKB4hOHIypysNzARjXGbpwd4P1eysmhR6-A1YI5JepWij4FkM2DOP1VO&sai=AMfl-YQ7MXBPMKtv0-MJULN3yPWBgA-gjK1E4S-Iqth3lQbAP4BjpvtjlW_yVdICfGpbHvPo692uM_8jaWrue1iSj7Vd57csnzMu2ibNPIJris2Wq7DfZLt4Z3aHgSqZuWgNI6owhEOduSRWRvKaNw&sig=Cg0ArKJSzDzLo6RW3fqSEAE&cid=CAQSTADICaaNk5VqjgOA3KkmK-ton6jiS3clW8u0O61-hWKNKdLOANJfIZ10MoUtXksIWCkOdb0lA3-UjEponvYfAHICT-ocFrrRlkNJiGMYAQ&id=ampim&o=1086,122&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1036&mtos=0,0,1036,1036,1036&tos=0,0,1036,0,0&tfs=284&tls=1320&g=100&h=100&tt=1320&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 32B1 0
91 B 42ms
23ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 29 Sep 2023 10:58:15 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 204 /
onetag-sys.com/usync/ Frame EDD7 0
0 7ms
7ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1695985092536

Requested by

Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET index.html
cdn.districtm.io/ids/ Frame DD30 0
0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 28B7 3 KB
2 KB 37ms
15ms Document
text/html 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 692
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 80e3b5c14f821e4e-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 29 Sep 2023 10:58:15 GMT
expires: Fri, 29 Sep 2023 14:58:15 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9EAE 37 B
140 B 45ms
8ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Fri, 29 Sep 2023 10:58:15 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B27F 52 KB
17 KB 61ms
14ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: img.y8.com
URL: https://img.y8.com/packs/js/ads/gam_prebid-c71fc2162e1d90d8d246.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://th.y8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 29 Sep 2023 10:58:15 GMT
ETag: "623de86a-cf34"
Expires: Sat, 30 Sep 2023 10:58:17 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 7ms
7ms Image
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H2 200 sync
x.bidswitch.net/ 43 B
146 B 225ms
7ms Image
image/gif 18.198.87.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.87.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-87-254.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://th.y8.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame D4BF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
817 B

24ms
23ms

Document
text/html

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7baea39a599d38361eedbf4841ca8ca6c809d4c18c6c3f780a3ccd3e4cc4f966

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80e3b5c1ae5130e4-FRA
content-encoding: br
content-type: text/html
date: Fri, 29 Sep 2023 10:58:15 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=224yLYOylQo6%2BK%2Ftj%2FLOH4Hf7Qu31Ut6psGbrZS%2FS4J9%2FWiDlWaRaYs%2FzNxb3SRDlpDAwpNiEx49p%2BLB1v5lj%2BCsCaTFQORZ8AXU5guwW%2Fs1YlqPT3wI6JHANLfxzkJ5WOEC0loMgJD2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 80e3b5c18e3930e4-FRA
content-length: 0
date: Fri, 29 Sep 2023 10:58:15 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJd87vXZLzfTSkryFcpABgwaCgc9TcEhj8kWPgPbuRN4OCON5PnS2yx6DHnoLDsHa76FP9JdbsYN4jWOs430TCZvLKIMoCxWJoSsS%2FOQbhGSWRGEMYNMXqxQgUj5%2Bb6f4Vd7i8t%2BGCartw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame B27F
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
646 B

15ms
14ms

Script
text/html

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:15 GMT
an-x-request-uuid: 777e6ffc-4830-4e5b-9e0e-418447b3619a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.74; 45.141.152.74; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:15 GMT
an-x-request-uuid: b2a2d8c3-f98f-4c46-a691-fd0c59ca77db
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.74; 45.141.152.74; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame D4BF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

128ms
128ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Sep 2023 10:58:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6CXETEHKSFYQ9B35KQQT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Sep 2023 10:58:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZJ0T2Q81KZV5C92DE80X
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame D4BF 70 B
148 B 33ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame D4BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZRatx-zhu3F2hU6t4P1hTQAABI8AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENZUVA07PRpGEfcG7Ziv1io&google_cver=1

43 B
770 B

24ms
24ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENZUVA07PRpGEfcG7Ziv1io&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=si%2BF9Ay8wgbNWC7Tw4a48PBzR4AZjkAeZRsE0%2BxyntoBFjyilAmbl1slixqEQu%2BWlaGyxAeCDc9rSz5xbT5OOTZOe6uSNzIMj%2B5LpxzyVlfEJrwW3rkkcTDn9wt%2FishzRjGpp2caGMbYcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e3b5c1ff5c914a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESENZUVA07PRpGEfcG7Ziv1io&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame D4BF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZRatx.zhu3F2hU6t4P1hTQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAyaKCVX1TebaYfwu443i-0&google_cver=1&google_hm=2

43 B
737 B

23ms
23ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAyaKCVX1TebaYfwu443i-0&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdk%2BcsbB%2FwAhnLBNm1eycZ40zIbZ5mUwUo1KUNjXRew8SiWOhKu%2Bb9iroK12Ehalf%2FrEPxfta9z%2F9zgt5KiuU9O7FRT75WZyYzr9H3ZkUzDf9zUFU9U%2BKZdt2GH3qbg5LyEg8k%2FSqRrdYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e3b5c22fa8914a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAyaKCVX1TebaYfwu443i-0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ix
ad4m.at/ad/sim/ Frame D4BF 0
0 45ms
27ms Image
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame D4BF 0
187 B 53ms
13ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 29 Sep 2023 10:58:15 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame D4BF
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730036173508

43 B
736 B

24ms
24ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730036173508
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnOfWeJVixRSNL0K%2BMPVo12YcpySJzfTFd79wj2iNFf5hfCU1es%2BNMruJGnGJ%2BG8WVqSZIoIxvt7HrpfVPgaUiieCk%2FECmNtntx7hN1u%2ByziNpvYb8NHFgLWR7GZuI%2BinFBn59BSdkr2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 80e3b5c2d8ac914a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559730036173508
Date: Fri, 29 Sep 2023 10:58:16 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D4BF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZRatx.zhu3F2hU6t4P1hTQAA%261167?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRatx.zhu3F2hU6t4P1hTQAA%261167

42 B
942 B

35ms
34ms

Image
image/gif

52.211.144.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRatx.zhu3F2hU6t4P1hTQAA%261167

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.211.144.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-144-29.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-08fbac455.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WnqYNmblTLo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0fb6a4853.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ot2i5hjwRek=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZRatx.zhu3F2hU6t4P1hTQAA%261167
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame D4BF 43 B
229 B 27ms
14ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZRatx.zhu3F2hU6t4P1hTQAA%261167
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fth.y8.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:58:15 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 62362
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 80e3b5c1e8631e4e-FRA
content-length: 43
expires: Sat, 30 Sep 2023 10:58:15 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame B27F 0
595 B 13ms
13ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 10:58:16 GMT
an-x-request-uuid: 651283c2-3c46-4bde-ae1f-5d22e675ef2d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.74; 45.141.152.74; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/b/v1

Domain: tag.1rx.io
URL: https://tag.1rx.io/rmp/216840/0/mvo?z=1r&hbv=5.8,2.1

Domain: cdn.districtm.io
URL: https://cdn.districtm.io/ids/index.html

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
th.y8.com/games	1970-01-20 15:07:51	Name: co4fbb62b133968d57c10041b0 Value: {"name":"Y8.com","status":"accepted","leaderboards":true,"playerlevels":true,"achievements":true,"stats":false,"advertisements":"pending","block_ads":true,"contest":false,"permissions":["nickname","email","first_name","date_of_birth","gender"],"ads_enabled":false,"afg_channel_id":"","ad_timing":300,"distribution_blocked":true}
.bit.ly/	1970-01-20 19:25:37	Name: _bit Value: n8taWb-072770b08b4dd01c5d-00s
.y8.com/	1970-01-20 23:52:01	Name: played_games_ids Value: [199042]
.y8.com/	1970-01-21 00:42:25	Name: parental_filter Value: false
.y8.com/	1970-01-21 00:42:25	Name: parental_labels Value:
.y8.com/	1970-01-21 00:42:25	Name: __utma Value: 56407924.1881825116.1695985093.1695985093.1695985093.1
.y8.com/	1970-01-20 15:06:26	Name: __utmb Value: 56407924.0.10.1695985093
.y8.com/	1969-12-31 23:59:59	Name: __utmc Value: 56407924
.y8.com/	1970-01-20 19:29:13	Name: __utmz Value: 56407924.1695985093.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
th.y8.com/	1970-01-21 00:32:20	Name: _pk_id.1.d830 Value: 87333bab1f9fed6d.1695985093.
th.y8.com/	1970-01-20 15:06:26	Name: _pk_ses.1.d830 Value: 1
.y8.com/	1970-01-21 00:28:01	Name: __gads Value: ID=a72fe302514feb79:T=1695985092:RT=1695985092:S=ALNI_Ma3LKWbxWE6CdNffjGIpNUgKJDAAQ
.y8.com/	1970-01-21 00:28:01	Name: __gpi Value: UID=00000c882fdd1270:T=1695985092:RT=1695985092:S=ALNI_MbUUa_6S1g9Bl5o-biGpAE5WWXekA
.doubleclick.net/	1970-01-21 00:28:01	Name: IDE Value: AHWqTUmV0_KjE_EtYfQ78sKAdV1r69levF1Zyq-5RE8quvJdQiMPB0Ht6fXYkIvS-s8
.adfarm1.adition.com/	1970-01-20 17:16:01	Name: UserID1 Value: 7284200513245345943
.ctnsnet.com/	1970-01-20 23:52:01	Name: gid_CAESEJN0ObrqVr1urWPhn2kE0wc Value: 1
.simpli.fi/	1970-01-20 23:53:27	Name: suid Value: CEDEF35E4763416A8452DC421D989789
.doubleclick.net/	1970-01-20 15:06:28	Name: DSID Value: NO_DATA
.de17a.com/	1970-01-20 23:44:49	Name: guid Value: 1.5331162708882907917
.everesttech.net/	1970-01-20 23:52:01	Name: everest_g_v2 Value: g_surferid~ZRatxgAUDgu_4wAb
.ctnsnet.com/	1970-01-20 23:52:01	Name: gid_CAESEACVIyDeNAicA2RuQKR57-s Value: 1
.ctnsnet.com/	1970-01-20 23:52:01	Name: cid Value: 4ec42276b4b44f5f9c4ec9b87cce1e8b
.quantserve.com/	1970-01-20 17:16:01	Name: d Value: EDoBCQGIKoEA
.quantserve.com/	1970-01-21 00:36:39	Name: mc Value: 6516adc6-885d0-b4673-d6815
.w55c.net/	1970-01-21 00:36:39	Name: wfivefivec Value: TSAgBPIF1QMbci5
.w55c.net/	1970-01-20 15:49:37	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 19:25:37	Name: uid Value: 4492762050214102038
.adform.net/	1970-01-20 15:49:37	Name: C Value: 1
.adform.net/	1970-01-20 16:32:49	Name: uid Value: 8417644424348989216
.casalemedia.com/	1970-01-20 23:52:01	Name: CMID Value: ZRatx.zhu3F2hU6t4P1hTQAA
.casalemedia.com/	1970-01-20 17:16:01	Name: CMPS Value: 1167
.casalemedia.com/	1970-01-20 17:16:01	Name: CMPRO Value: 1167
.adnxs.com/	1970-01-20 17:16:01	Name: uuid2 Value: 1602060652064159195
.demdex.net/	1970-01-20 19:25:37	Name: demdex Value: 82831708992245139031836042381866543781
.rfihub.com/	1970-01-21 00:28:01	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmlqaWFqYGlmaGQKAOpOFKQQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjAwNjM0NzY1sBDiM9QtDy_LCzcISwzMsQwEAJZP1GglAAAA
.rfihub.com/	1970-01-21 00:28:01	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjAwNjM0NzY1sBDiM9QtDy_LCzcISwzMsQwEAJZP1GglAAAA
.dpm.demdex.net/	1970-01-20 19:25:37	Name: dpm Value: 82831708992245139031836042381866543781
.amazon-adsystem.com/	1970-01-20 19:32:49	Name: ad-id Value: A9fn96p-tEN9qcQXO7glFsg
.amazon-adsystem.com/	1970-01-21 00:42:25	Name: ad-privacy Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://dmx.districtm.io/b/v1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://th.y8.com/games/body_race Message: Access to XMLHttpRequest at 'https://tag.1rx.io/rmp/216840/0/mvo?z=1r&hbv=5.8,2.1' from origin 'https://th.y8.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://tag.1rx.io/rmp/216840/0/mvo?z=1r&hbv=5.8,2.1 Message: Failed to load resource: net::ERR_FAILED
deprecation	warning	URL: https://html5.api.gamedistribution.com/main.min.js(Line 7) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.y8.com
acdn.adnxs.com
ad.turn.com
ad4m.at
adsparc-d.openx.net
adx.adform.net
ana.headerlift.com
bit.ly
btlr.sharethrough.com
c1.adform.net
cdn.ampproject.org
cdn.districtm.io
cdn.gamemonkey.org
cdn.indexww.com
cdn.jsdelivr.net
cdn.y8.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e9ffdf102aaa25794a78949e864234b8.safeframe.googlesyndication.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
game.api.gamedistribution.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
grid.bidswitch.net
hb.improvedigital.com
htlb.casalemedia.com
html5.api.gamedistribution.com
html5.gamedistribution.com
ib.adnxs.com
ice.360yield.com
imasdk.googleapis.com
img.gamedistribution.com
img.y8.com
ius.ctnsnet.com
js-sec.indexww.com
match.adsrvr.org
matomo.y8.com
msgrt.gamedistribution.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
playtomic.y8.com
pm.azerioncircle.com
pm.w55c.net
prg.smartadserver.com
pub.headerlift.com
r.turn.com
s.amazon-adsystem.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.teads.tv
tag.1rx.io
tag.atom.gamedistribution.com
th.y8.com
tlx.3lift.com
tpc.googlesyndication.com
tracker-v4.gamedock.io
tracker.gamemonkey.org
u.openx.net
um.simpli.fi
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cdn.districtm.io
dmx.districtm.io
tag.1rx.io
104.18.24.18
104.18.26.193
104.18.27.193
104.236.66.218
13.224.189.55
13.248.245.213
142.250.185.66
146.190.225.138
151.101.66.49
156.146.33.2
161.35.246.134
178.250.7.11
18.193.11.140
18.198.87.254
185.89.210.153
188.166.66.250
193.0.160.130
2001:678:cb4:bbbb::11
212.102.56.166
213.155.156.169
23.35.236.188
23.35.237.56
23.45.238.53
2600:9000:211e:a000:5:4275:8dc0:93a1
2600:9000:2250:e200:4:cd76:8580:93a1
2600:9000:225a:6000:17:cf8d:4bc0:93a1
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400a:800::2003
2a06:98c1:3120::3
3.64.91.193
34.249.150.14
35.157.117.145
35.186.193.173
35.204.158.49
35.244.159.8
35.71.131.137
37.157.5.132
37.157.6.243
51.75.86.98
52.211.144.29
52.29.101.205
52.46.151.131
52.51.37.68
54.154.17.207
54.195.243.149
63.35.62.205
67.199.248.11
85.114.159.118
89.149.192.193
98.98.134.243
99.86.4.107
99.86.4.47
0021634309d4f589c6803d3d3dbe0ab9402a524993ab8df667d16c33d23d1fec
0193cd74f5b8d62d00ef7e4b5c7cda11c5937cbfe6eb6503e666716ae8484424
021f9558875e54c5975208e99e6891e2fce9d30d041f5998e7feffca0fd5005c
039d1b140d8e27c3292c9564a1733e22cce13859085ed81ecf4df3032939df93
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
073795c14e10b8b985ddd0e5eb2915f5802e7429847dfd875eb312f9384e1517
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb67f1c064e9c2125f46cfbd3b708c653118d72991f324e95142580b3e7b40f
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
101a1c099fb1828888d1dc28b46a68194846fe7a4ade528bc966cae666ffc95c
113c3c3c7de8fe21fe5a6d4b6c367d658dab1dc5b5f820393e0b98fc11032771
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1529b83e97a9d6e554b467ab277765d4789fb0f606a30a0fef66b6e0d6aa0a60
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ed1a9b74050fe9b34dd3ec6ebca282694092f59f096f43d4b556b58cb3e4823
20a1e0eb6cebc392cd52f7733c597c06ef54dbc371132bdb5fee694cf9ce3d2c
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2a53791bf6b783af22f18f89fd6cece8bec7c97f899d0a52593d7af7eba053bb
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e8532a590128939bb830fc46e7b9db1c8ae6d03b4ea5f4ef47ebe04b81807ef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3480b4c8f384ad5fb7d71b577e094f3d83be5fa6fadbeb4a6897e72c30b9b3f5
376404b001b2494520956f1b3672b794e22b1982b23ed57a97e50a6a73a29caf
39a0beccdfc7f49006b149fac3ada88e4d2c2f23cbb1f623abfc1e6710f558ff
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c821dce4e1cccae92997bd66e416d69bef5f3b4236eb3604561eb574736157f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da76f47ebd8d76464a716728688290bd8dfb0309a2b07d1552c1c9369f33613
3ff4ef8db1e622267d2ea3ccabbf793eab624976029bef1146bfe303333124c6
4168acf5c1b8cb25f708cac02cf5042b9a09c7e20fd177a4ee766aa7fa88998c
430437c52bde732e84c0dbdfe2c67718a03f778095e068ea15cc4a681fdd3795
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab3226e538cdebef3922e1a661a69de2a04222103ea11b938f137ff90bdb675
4af856e8e680feb00681ef18dcd2bce8a76c12504c5688f0a366b04adabb3090
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dbfc55438341402c96e6ce2c85457034430c9e3d0aa0135a2bd2ec6ddff95b9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f00b285be1315663e8db77ad547c2493c1f733c01e98943663185d2f0ccaa18
53758b07ac5f200ab72564fde8da33febffc18399e83d057e8bfa92e5d4b819e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5563bdb16d584ac6eac015183efd44a4a9a351d556f09649c024b40b33f5db9a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5661c8b72895f7dfd971211a7cacec7159351907086bdac675e73be505aa830d
56e0f9a8ae73400bac075ed0f7c4e04d9adc82d2cd19496100b62a6303bd7714
5c3151f8794be637b9b4a942136cf96b815641f32944a2c85023169190653d21
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
601600d5df154cf3bf57c979b43c198626febe8df59c8f90cea14efcbbb50f82
60ebd7a933099d852716d8da81b6570aad98e77c496fbe5bec623ae73d38d560
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a3a0ae5b1050775cb41be94a4223d81c8c855ac5b4082a6f4aa0ef1661691b4
6be4f7c2df4651732d7f2ead3a66ba349f255f4eaf19a88b351414dff6242828
6d65e400a88dfa3973e9ba2924e65bc70cedd447bec398d12343b62c3ffba503
6fd2704a1320ce483619514a03eb39ec3d6e2e4e6e1746b69703d465e4190c1b
71ba7e09487750d7426b3bd64cf57facb8eb119939eb7055138ee55f13bb6f05
735fa4096e489f911f7a495f251f61c17a69c021622c5b904b9742be95be9f90
7398fab9cccc735352d69257b0eab6583450813f5564b5d00ee185b7de79cc2f
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a4c463d07697837ce225ab662fdb639f84b557e6a24db4f98c3be78667d628c
7baea39a599d38361eedbf4841ca8ca6c809d4c18c6c3f780a3ccd3e4cc4f966
81faa66c3fc13e0e6aac5dc886c5afe58c54402da0d7942a845f5ed46e86384f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e0a67626f4c9b7fa877c1e8d11097540a67f0dfa1f6613735b235713cbcecc
8444c99111e919959e41445b050f70a0601607147df1c260c79453a2ffbc6273
86ba91ffdcece964d969b05cff1c7b3b94532e589870491f0714f6da82844971
875f8c1368931f82a6cc8d0dcdbd11fb3cbe205d7c2227b90332e1b28d3984c1
89f12c641417c9648f82665333dc9badef79d73473ae41338374ffa2266e5965
8c68b061fd5c2462f8aebcedeeec1a8fc11f66fe1c1aebc8bebcd25713af161e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9598152c7a4fdeca348f6bf899257002503a79be439ceb45b4d7447d466baa
8e3fb34d32c2aa9e326861db564657614f92712f8b18accdc3617ff39e21798e
8e546ee5f98863cd756f55863b3c5b0de0420bf360b08b6de889974de08fda3f
8eb6effb5761cd47e3bee3b0918747a165d60476596678afe39182bcd3d449a4
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
90f26e5e33af333e437c1991e5ee4c8ea8b7ffba59b77563e33d37b5023a0f63
92a16b0ef6e10c14737eee5740e07ad4615d58e362b2e43f941bc4724f946224
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9772c112b97f3feb9ed595890bdc884483afd1d7f492d2799129fe7705884866
987ac7f5e6c580f6d797c2c5956737dc872e68f69e195c9297519a1f41188669
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac93a925b888b68155813661a5cd3a2f5e5641ba1176bfb266eb349b38002c5
9e168c0bf87a05baf01d31be651944d9a7f73c5eff9a00029d71668217ac5240
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a27fcff0eda4a9c2c801214f7d161e04efe822425b8361b754e5c1a876ef647e
a3f37957c55a4e5d4e899ebcfed88c68e4129a0ee9320ea6d538d3164cdac555
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad38c14c5eb1cd62716693e5609e7110f2637a0b921a55818ba8d27b999968dc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b66e78406472380930e3e5ab8595cf8e7965b59ea065f68383071512568bd6ae
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4dbec7b8f174db5ef2141c08f8811679c0f1d5c940ed91754053b604a1bee8
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3d73d6bb9cda7ef47493d33d8e3e687d6586d7783cd3c5c1ad542fb52073a61
c4797945f3842000f0189f6f569b1d3ecb39dd144e095dc6dfd15ec50d8be92f
c6035519a214694afe0442a525be3635b355cbe71584d76e10eb2fa267324483
ca12bb49c14d41df7ac6d120b3c0c28b15babf0552dca23809a296de531ba9e7
cad58f215d074424bf4b9310a814d9ea51931235a3afe31ee2e69c58e8f75bec
ccab2c75261455e949949247917a53dbb053e5ea1f9fac4af2496c6546f74fa6
cd9b67010c15f50ddba56455deff2bb9002ea39a844a18c0e8879ac2ce596d13
ce8f9d182af5969cdafad9b5f0e5c1fb14d5d087b3d798c44ee208b00684cc35
ceab4ff3d4af4f6402234da5817d688928c26a39ae798050f9da58bca0d415b1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3ae05128dbaf24bed86a7837b28b9740275ffa3db823997dc0a7b47cb0ae074
d4f31876d3647b02707b37456236cecc3c652b935f3252233e349b8c62cffc2e
d741f7ebb7582eaaa7b0c709e0b59d93c860785405709dad0a653ad9e195152a
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
da2b8bd4621fa033d24a0f4a7178fbf3d8dcc2ec28bccc687f2f540337e2acdb
de6291f2a74e6d83189a6259386f6872b0599e88daa1857644bc995204fa1580
e1f64c17b4e4672e42045750d6284d69fab98c16a2c5a09c745eddb245f47773
e28623379e4f0bb90304bea10b50beccf108e9ff26f59d77e212a82f0dd7b25c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68d07119a3442b1a54d0929c41c15b7aba96d4119c96bdb81f9ed101c526921
e81f825fdcd70ca3c6ff75f5864b225a3fce6f6fa8d9ebc1b1c3b7ae5ac38e3a
ed0329ded0e3e15f1da42e303456565efd908295a3a4c0fb1984decc0fec3ee7
ed34e84a189ed3e7735ec026a4be0ffa93c4e8f63450a5b0258bd46fc8459241
ee94e99f640538eea06eb6607e0b4e577aa08838d5b6b3f78f314f3fb6a962c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12e2c7dba4f94aee8d24dca931ae82a9e35309125d1c48bdc80187bb25d1eb8
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c0c095a9f22aa7d2e9f57ba061f618eb36e6854caefe73ba06181c467036d0
f784e92719e340c4d288cd36b0076d764a9ff4d16879664bd927b40fd1f10bb6
f7f88cca171fe919c301685893d8da2375ce02125266be32dac2ee6f1427c392
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9f5560ef9671cef36de14bfe708221930948e4cbb4283245d6c536a7285188f
fa55a36797c9822d62ff2e1eb190b2746aab1008ae228b160df6ff4a68e8dadb

th.y8.com Open in urlscan Pro 161.35.246.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

245 Requests

92 %HTTPS

34 %IPv6

48 Domains

78 Subdomains

60 IPs

10 Countries

3008 kBTransfer

8066 kBSize

40 Cookies

28 Outgoing links

Page URL History

Redirected requests

245 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

th.y8.com Open in urlscan Pro
161.35.246.134 Public Scan

Screenshot
Live screenshot

Full Image

245
Requests

92 %
HTTPS

34 %
IPv6

48
Domains

78
Subdomains

60
IPs

10
Countries

3008 kB
Transfer

8066 kB
Size

40
Cookies

245 HTTP transactions
5 data transactions