top.gg Open in urlscan Pro
2606:4700::6810:ad38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cardboard.glitch.me/
Effective URL:
https://top.gg/bot/679361555732627476
Submission: On June 03 via api (June 3rd 2020, 4:39:59 pm UTC) from US

Summary HTTP 80 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 34 IPs in 9 countries across 31 domains to perform 80 HTTP transactions. The main IP is 2606:4700::6810:ad38, located in United States and belongs to CLOUDFLARENET, US. The main domain is top.gg.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 7th 2020. Valid for: 6 months.

This is the only time top.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	52.3.101.162 52.3.101.162	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:ad38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:d600:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	162.159.130.232 162.159.130.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	54.76.182.86 54.76.182.86	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
1 3	2.16.105.213 2.16.105.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f046:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:3200:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
5	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:7a00:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f14... 2a03:2880:f146:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:2182:1e00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.209.94.187 52.209.94.187	16509 (AMAZON-02) (AMAZON-02)
2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	3.127.120.24 3.127.120.24	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
1	34.250.167.59 34.250.167.59	16509 (AMAZON-02) (AMAZON-02)
80	34

2 52.3.101.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-101-162.compute-1.amazonaws.com

cardboard.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:ad38 (United States)

ASN13335 (CLOUDFLARENET, US)

top.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:d600:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.159.130.232 (None, )

ASN13335 (CLOUDFLARENET, US)

images.discordapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.182.86 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-182-86.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.109.153 (United States) 1 redirects

ASN54113 (FASTLY, US)

clicksminuteper.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.105.213 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-105-213.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f046:f:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:3200:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:7a00:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f146:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:1e00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.94.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-94-187.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.120.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-120-24.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.167.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-167-59.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com	131 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	128 KB
5	top.gg top.gg	47 KB
5	cloudflare.com cdnjs.cloudflare.com	119 KB
4	adnxs.com ib.adnxs.com	5 KB
4	rubiconproject.com fastlane.rubiconproject.com	6 KB
4	yandex.ru 1 redirects mc.yandex.ru	94 KB
4	vntsm.com hb.vntsm.com	236 KB
4	discordapp.net images.discordapp.net	223 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	pubmatic.com hbopenbid.pubmatic.com	162 B
2	criteo.com bidder.criteo.com	272 B
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	yieldmo.com ads.yieldmo.com	434 B
2	facebook.com www.facebook.com	359 B
2	cloudfront.net d1oykxszdrgjgl.cloudfront.net dw7nrwnn2bkh1.cloudfront.net	39 KB
2	google.com 1 redirects adservice.google.com www.google.com	336 B
2	google.de adservice.google.de www.google.de	274 B
2	facebook.net connect.facebook.net	160 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	github.io 1 redirects clicksminuteper.github.io	299 B
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	853 B
2	glitch.me cardboard.glitch.me	7 KB
1	venatusmedia.com track.venatusmedia.com	157 B
1	3lift.com tlx.3lift.com	468 B
1	lijit.com ap.lijit.com	715 B
1	omnitagjs.com hb-api.omnitagjs.com	603 B
1	consensu.org vendorlist.consensu.org	18 KB
1	clean.gg i.clean.gg	104 B
1	googletagservices.com www.googletagservices.com	27 KB
1	thisiswaldo.com cdn.thisiswaldo.com	384 B
80	31

	Domain	Requested by
5	securepubads.g.doubleclick.net	hb.vntsm.com d1oykxszdrgjgl.cloudfront.net securepubads.g.doubleclick.net
5	top.gg	cardboard.glitch.me top.gg
5	cdnjs.cloudflare.com	cardboard.glitch.me top.gg
4	1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
4	ib.adnxs.com	hb.vntsm.com
4	fastlane.rubiconproject.com	hb.vntsm.com
4	mc.yandex.ru	1 redirects hb.vntsm.com top.gg
4	hb.vntsm.com	top.gg hb.vntsm.com
4	pagead2.googlesyndication.com	top.gg pagead2.googlesyndication.com
4	images.discordapp.net	top.gg
3	tpc.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
3	sb.scorecardresearch.com	1 redirects top.gg
2	hbopenbid.pubmatic.com	hb.vntsm.com
2	bidder.criteo.com	hb.vntsm.com
2	as-sec.casalemedia.com	hb.vntsm.com
2	ads.yieldmo.com	hb.vntsm.com
2	www.facebook.com	top.gg
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	top.gg connect.facebook.net
2	www.google-analytics.com	1 redirects top.gg
2	clicksminuteper.github.io	1 redirects top.gg
2	secure-us.imrworldwide.com	1 redirects top.gg
2	cardboard.glitch.me	cardboard.glitch.me
1	track.venatusmedia.com	hb.vntsm.com
1	tlx.3lift.com	hb.vntsm.com
1	ap.lijit.com	hb.vntsm.com
1	hb-api.omnitagjs.com	hb.vntsm.com
1	vendorlist.consensu.org	d1oykxszdrgjgl.cloudfront.net
1	dw7nrwnn2bkh1.cloudfront.net	d1oykxszdrgjgl.cloudfront.net
1	i.clean.gg	d1oykxszdrgjgl.cloudfront.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	d1oykxszdrgjgl.cloudfront.net	hb.vntsm.com
1	www.google.de	top.gg
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdn.thisiswaldo.com	top.gg
80	38

This site contains links to these domains. Also see Links.

Domain
blog.medal.tv
discord.gg
medium.com
discordapp.com
donatebot.io
clicksminuteper.net
github.com

Subject Issuer	Validity	Valid
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-04-07` - `2020-10-09`	6 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2019-06-16` - `2020-06-16`	a year	crt.sh
ssl565811.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-19` - `2020-11-25`	6 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-13` - `2021-04-08`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-06-02` - `2021-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
i.clean.gg GTS CA 1D2	`2020-05-04` - `2020-08-02`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
omnitagjs.com Sectigo RSA Organization Validation Secure Server CA	`2019-03-26` - `2020-06-23`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.yieldmo.com Amazon	`2019-12-11` - `2021-01-11`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.venatusmedia.com Amazon	`2020-03-09` - `2021-04-09`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://top.gg/bot/679361555732627476
Frame ID: 02526ECC53D7E1064305E80B2FACD7FF
Requests: 52 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: E2D41D2FB1F436D9378E51926A4E3315
Requests: 1 HTTP requests in this frame

Frame: https://clicksminuteper.github.io/Gone-Pair-Shaped/
Frame ID: E8A63A8F6DEC02A332824554B146D0D0
Requests: 1 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: 4915AC9492FBC409BBC48F231CCE54A3
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200601/r20190131/zrt_lookup.html
Frame ID: 6BDBE949DF3DF3965ECA12B064467BD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1065800822998704&output=html&adk=1812271804&adf=3025194257&lmt=1591202386&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32896%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591202386671&bpp=17&bdt=350&idt=134&shv=r20200601&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7603964299069&frm=20&pv=2&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&ga_fc=0&iag=0&icsg=524450&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530451%2C42530453&oid=3&pvsid=416292191534670&pem=317&ref=http%3A%2F%2Fcardboard.glitch.me%2F&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=155
Frame ID: 9FDFC31245A29D190E067D6739428D7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F9413ADF75DC6BFC0B87B53C636E0D75
Requests: 1 HTTP requests in this frame

Frame: https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: ABBF6C5A047868FD366327FA85E5BDD8
Requests: 1 HTTP requests in this frame

Frame: https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: CB2189D0761F255D0248193AFA71FBAA
Requests: 1 HTTP requests in this frame

Frame: https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: BC228C69A77A2E66E605AFB4EE1258FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://cardboard.glitch.me/ Page URL
http://cardboard.glitch.me/ Page URL
https://top.gg/bot/679361555732627476 Page URL

Detected technologies

Bulma (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bulma(?:\.min)?\.css/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

80
Requests

96 %
HTTPS

49 %
IPv6

31
Domains

38
Subdomains

34
IPs

9
Countries

1264 kB
Transfer

3738 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.medal.tv/beta5k-valorant-contest/
Title: We're doing a $10,000 Valorant Contest in Partnership with Medal

Search URL Search Domain Scan URL

URL: https://discord.gg/EYHTgJX
Title: Join Discord

Search URL Search Domain Scan URL

URL: https://medium.com/discord-bots
Title: Blog

Search URL Search Domain Scan URL

URL: https://discordapp.com/oauth2/authorize?client_id=679361555732627476&scope=bot&permissions=130048
Title: Invite

Search URL Search Domain Scan URL

URL: https://donatebot.io/checkout/684492926528651336
Title: Donate

Search URL Search Domain Scan URL

URL: https://clicksminuteper.net/
Title: Visit website

Search URL Search Domain Scan URL

URL: https://discord.gg/bPaNnxe
Title: Join Support Server

Search URL Search Domain Scan URL

URL: https://github.com/ClicksMinutePer/GPSBot
Title: Github Repository

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cardboard.glitch.me/ Page URL
http://cardboard.glitch.me/ Page URL
https://top.gg/bot/679361555732627476 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1

Request Chain 19

https://clicksminuteper.github.io/Gone-Pair-Shaped HTTP 301
https://clicksminuteper.github.io/Gone-Pair-Shaped/

Request Chain 30

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1472232805&t=pageview&_s=1&dl=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&dr=http%3A%2F%2Fcardboard.glitch.me%2F&ul=en-us&de=UTF-8&dt=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=2085886&gjid=1426581509&cid=1127924168.1591202387&tid=UA-98194944-1&_gid=642903524.1591202387&_r=1&z=26240925 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_gid=642903524.1591202387&gjid=1426581509&_v=j82&z=26240925 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_v=j82&z=26240925 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_v=j82&z=26240925&slf_rd=1&random=1845791350

Request Chain 36

https://sb.scorecardresearch.com/b?c1=2&c2=6035118&ns__t=1591202386831&ns_c=UTF-8&cv=3.5&c8=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&c9=http%3A%2F%2Fcardboard.glitch.me%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1591202386831&ns_c=UTF-8&cv=3.5&c8=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&c9=http%3A%2F%2Fcardboard.glitch.me%2F&cs_ak_ss=1

Request Chain 45

https://mc.yandex.ru/watch/52686565?wmode=7&page-ref=http%3A%2F%2Fcardboard.glitch.me%2F&page-url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591202386243%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200603183947%3Aet%3A1591202387%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A733209613576%3Arqn%3A1%3Arn%3A665004865%3Ahid%3A1004898661%3Ads%3A1%2C20%2C52%2C1%2C2%2C0%2C0%2C310%2C0%2C%2C%2C%2C388%3Afp%3A275%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591202387%3Au%3A1591202387485560694%3At%3ACardboard%20Against%20Humankind%20%7C%20Discord%20Bots HTTP 302
https://mc.yandex.ru/watch/52686565/1?wmode=7&page-ref=http%3A%2F%2Fcardboard.glitch.me%2F&page-url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591202386243%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200603183947%3Aet%3A1591202387%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A733209613576%3Arqn%3A1%3Arn%3A665004865%3Ahid%3A1004898661%3Ads%3A1%2C20%2C52%2C1%2C2%2C0%2C0%2C310%2C0%2C%2C%2C%2C388%3Afp%3A275%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591202387%3Au%3A1591202387485560694%3At%3ACardboard%20Against%20Humankind%20%7C%20Discord%20Bots

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
cardboard.glitch.me/ 5 KB
5 KB 294ms
251ms Document
text/html 52.3.101.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://cardboard.glitch.me/
Protocol: HTTP/1.1
Server: 52.3.101.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-101-162.compute-1.amazonaws.com
Software: /
Resource Hash: 5d8edd3ed4fb5886041f0b87a376a55473fdbc1ffc9bff08f4e3ee715a88fddf

Request headers

Host: cardboard.glitch.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache

GET
H2 200 bowser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/bowser.min.js

Requested by

Host: cardboard.glitch.me
URL: http://cardboard.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: http://cardboard.glitch.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18696604
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=59dada05cf65323c
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ca6979a0000323cbe3ac200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Mon, 02 Jul 2018 14:15:51 GMT
server: cloudflare
etag: W/"5b3a3397-1edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59dada05cf65323c-FRA
expires: Mon, 24 May 2021 16:39:41 GMT

GET
H/1.1 200
OK / Show response
cardboard.glitch.me/ 2 KB
2 KB 164ms
164ms Document
text/html 52.3.101.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://cardboard.glitch.me/
Requested by: Host: cardboard.glitch.me
URL: http://cardboard.glitch.me/
Protocol: HTTP/1.1
Server: 52.3.101.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-101-162.compute-1.amazonaws.com
Software: /
Resource Hash: 10e876ca5c8e137704d63fdb7271870b2a58f9209caecea6f4f5f078b4bd80ec

Request headers

Host: cardboard.glitch.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://cardboard.glitch.me/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://cardboard.glitch.me/

Response headers

Date: Wed, 03 Jun 2020 16:39:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1759
Connection: keep-alive
vary: Origin
accept-ranges: bytes
last-modified: Wed, 03 Jun 2020 12:53:03 GMT
cache-control: max-age=0
etag: W/"6df-1727a3dff98"

GET
H2 200 Primary Request 679361555732627476 Show response
top.gg/bot/ 27 KB
8 KB 73ms
52ms Document
text/html 2606:4700::6810:ad38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/bot/679361555732627476

Requested by

Host: cardboard.glitch.me
URL: http://cardboard.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ad38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

99115cf1c9f8653a2413bb0549eaecd878124d4a3ea4026d9268d850965489a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: top.gg
:scheme: https
:path: /bot/679361555732627476
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://cardboard.glitch.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://cardboard.glitch.me/

Response headers

status: 200
date: Wed, 03 Jun 2020 16:39:46 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dd00051f1d90c7aeb3e80fb1e62abc2711591202386; expires=Fri, 03-Jul-20 16:39:46 GMT; path=/; domain=.top.gg; HttpOnly; SameSite=Lax; Secure
x-powered-by: Express
x-cacheable: YES
vary: Accept-Encoding
x-varnish: 676628624 677446825
age: 1625
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
cf-request-id: 031ca6a95c00001f512e293200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 59dada2229561f51-FRA
content-encoding: br

GET
H2 200 bulma.css
cdnjs.cloudflare.com/ajax/libs/bulma/0.6.2/css/ 218 KB
22 KB 26ms
24ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bulma/0.6.2/css/bulma.css

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e5e19f265f9fb4a46c9b5c8112e89f188d4654045710b097d2d34c1b5dd6c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2557065
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ca6a99c0000323cbe151200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:17 GMT
server: cloudflare
etag: W/"5afd48d9-367d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59dada229f1a323c-FRA
expires: Mon, 24 May 2021 16:39:46 GMT

GET
H2 200 thenewstyle.css
top.gg/stylesheets/ 63 KB
12 KB 17ms
15ms Stylesheet
text/css 2606:4700::6810:ad38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/stylesheets/thenewstyle.css

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ad38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ed6fdcffc8ab6e5fcaece97aabd5e5375ea4b4c60bf969c793121189cbbeede1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1647181
x-powered-by: Express
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 031ca6a99b00001f512e29e200000001
last-modified: Sat, 07 Mar 2020 15:57:56 GMT
server: cloudflare
etag: W/"fb60-170b5b7a5f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish: 680986003
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 59dada229a7c1f51-FRA
expires: Thu, 04 Jun 2020 16:39:46 GMT

GET
H2 200 button.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/ 88 KB
9 KB 17ms
16ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/button.css

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95018f9a8b5082e043203868cc97724763e166fe34cc7d0624bffd7219f22134

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2557065
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ca6a99c0000323cbe152200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:44 GMT
server: cloudflare
etag: W/"5afd4ad4-15e1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59dada229f1d323c-FRA
expires: Mon, 24 May 2021 16:39:46 GMT

GET
H2 200 icon.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/ 54 KB
9 KB 20ms
19ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/icon.css

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c757b4ebd129ae8db2350a3caa1462c7934599f983c085e059cc6511e332a86c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 18696460
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 031ca6a99c0000323cbe153200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:44 GMT
server: cloudflare
etag: W/"5afd4ad4-d7e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59dada229f1f323c-FRA
expires: Mon, 24 May 2021 16:39:46 GMT

GET
H2 200 3820.js Show response
cdn.thisiswaldo.com/static/js/ 27 B
384 B 69ms
10ms Script
application/javascript 2600:9000:2182:d600:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/3820.js

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2182:d600:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

5712a53776686fef9a8dc555dac2809e820427e43bf2ca0766a5d81e11fea285

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Jun 2020 19:41:00 GMT
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 19:39:26 GMT
server: Apache/2.4.29 (Ubuntu)
age: 161926
etag: "1b-5a70af3da0287"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 27
x-amz-cf-id: 2fDEFJ06CWudq3km290d0OulciCa1n4RJRJEgyrrqnNlAUw65iM6CQ==

GET
H2 200 3785a79660b92f7bff5ec698837f4cf3.png
images.discordapp.net/avatars/679361555732627476/ 189 KB
189 KB 450ms
383ms Image
image/png 162.159.130.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.discordapp.net/avatars/679361555732627476/3785a79660b92f7bff5ec698837f4cf3.png?size=512
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3d4cd1ada309f3b6a0f59e29999c98e758d6130bf2c80597d4c3e017e531a7

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
status: 200
content-type: image/png
content-length: 193443
cf-request-id: 031ca6aa020000d8f98d3f2200000001
x-discord-image-proxy-cache: MISS
last-modified: Wed, 03 Jun 2020 13:23:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 515421538
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 59dada2339e5d8f9-AMS
expires: Thu, 03 Jun 2021 16:39:46 GMT

GET
H2 200 e376fa60db0dc9111e70aa1087886e7a.png
images.discordapp.net/avatars/438733159748599813/ 15 KB
15 KB 58ms
30ms Image
image/png 162.159.130.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.discordapp.net/avatars/438733159748599813/e376fa60db0dc9111e70aa1087886e7a.png
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c07b080455e4aa0b120a1ac673717385841ea07693f0cd4f30b5a1cc03b68271

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 13839
status: 200
content-type: image/png
content-length: 15464
cf-request-id: 031ca6aa020000d8f98d3f5200000001
x-discord-image-proxy-cache: MISS
last-modified: Tue, 02 Jun 2020 14:44:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 345912319
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 59dada2339e9d8f9-AMS
expires: Thu, 03 Jun 2021 16:39:46 GMT

GET
H2 200 dfc6194662959c2d567bec21b5f2df27.png
images.discordapp.net/avatars/317731855317336067/ 9 KB
9 KB 487ms
459ms Image
image/png 162.159.130.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.discordapp.net/avatars/317731855317336067/dfc6194662959c2d567bec21b5f2df27.png
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 246e2041d916a23d05ba0a0f17deb24c0b797e3557f9f7ea59f695a2d3e92444

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: MISS
status: 200
content-type: image/png
content-length: 9501
cf-request-id: 031ca6aa020000d8f98d3f4200000001
x-discord-image-proxy-cache: MISS
last-modified: Wed, 03 Jun 2020 13:31:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 588267035
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 59dada2339e8d8f9-AMS
expires: Thu, 03 Jun 2021 16:39:46 GMT

GET
H2 200 a_93628d16a449653e113673f86bc2ae45.png
images.discordapp.net/avatars/261900651230003201/ 8 KB
9 KB 53ms
26ms Image
image/png 162.159.130.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.discordapp.net/avatars/261900651230003201/a_93628d16a449653e113673f86bc2ae45.png
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b75f1fc71877b8bf4e2555cc4e3808d8a6e85f4444bebab892ad7c369dc4b1

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish (Varnish/5.2)
cf-cache-status: HIT
age: 13839
status: 200
content-type: image/png
content-length: 8437
cf-request-id: 031ca6aa020000d8f98d3f3200000001
x-discord-image-proxy-cache: MISS
last-modified: Fri, 29 May 2020 15:31:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1067934018
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 59dada2339e7d8f9-AMS
expires: Thu, 03 Jun 2021 16:39:46 GMT

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1

44 B
332 B

33ms
32ms

Image
image/gif

54.76.182.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.182.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-182-86.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:46 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:46 GMT
server: nginx
status: 302
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee887e32114088bbf4428bd544a6ed0ed5fd00d490dc8d5ec1868d736ac0b894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39560
x-xss-protection: 0
server: cafe
etag: 8618473993110699134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Jun 2020 16:39:46 GMT

GET
H/1.1 200
OK ad-manager.min.js
hb.vntsm.com/v3/live/ Frame E2D4 60 KB
0 105ms
71ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:46 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 185.217.171.12
Connection: keep-alive
Content-Length: 195619
Last-Modified: Tue, 02 Jun 2020 14:15:39 GMT
ETag: "62ae8ef59958265a0ea8782cb3e05a6b"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1591202386.cds118.am5.hn,1591202386.cds140.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: https://top.gg
Access-Control-Expose-Headers: X-Geo, Content-Type
Cache-Control: max-age=297
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
X-Geo: NL

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3573a4eac212c2acff3d06629135a3b96d8a373b4f92779733d8926f411b818

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bg-1.svg
top.gg/images/ 70 KB
7 KB 18ms
18ms Image
image/svg+xml 2606:4700::6810:ad38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top.gg/images/bg-1.svg

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ad38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

014aaf6b67fe0320992f3c7662f9b0cca42e43e6a39ad1f8d55337b126680069

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/stylesheets/thenewstyle.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1647184
x-powered-by: Express
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 031ca6a9ee00001f512e2aa200000001
last-modified: Wed, 05 Sep 2018 11:37:53 GMT
server: cloudflare
etag: W/"119d8-165a98643f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish: 672138992
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 59dada231bd11f51-FRA
expires: Thu, 04 Jun 2020 16:39:46 GMT

GET
H2 200 icons.woff2
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/themes/default/assets/fonts/ 75 KB
76 KB 35ms
19ms Font
application/octet-stream 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/themes/default/assets/fonts/icons.woff2

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/icon.css
Origin: https://top.gg

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3501004
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 77160
cf-request-id: 031ca6aa06000096b6c729a200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:44 GMT
server: cloudflare
etag: "5afd4ad4-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 59dada23394e96b6-FRA
expires: Mon, 24 May 2021 16:39:46 GMT

GET
H2 200 Karla-Regular.ttf
top.gg/fonts/ 16 KB
10 KB 17ms
16ms Font
font/ttf 2606:4700::6810:ad38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/fonts/Karla-Regular.ttf

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ad38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e2e0c223601a6a31d42d9a85152169a457938127b07446d26d9e10ddf6084969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/stylesheets/thenewstyle.css
Origin: https://top.gg

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1081513
x-powered-by: Express
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 031ca6a9f700001f512e2ab200000001
last-modified: Wed, 05 Sep 2018 11:37:53 GMT
server: cloudflare
etag: W/"41b0-165a98643c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish: 990380144
content-type: font/ttf
cache-control: public, max-age=86400
cf-ray: 59dada232bfa1f51-FRA
expires: Thu, 04 Jun 2020 16:39:46 GMT

GET
H2

200

/
clicksminuteper.github.io/Gone-Pair-Shaped/ Frame E8A6
Redirect Chain

https://clicksminuteper.github.io/Gone-Pair-Shaped
https://clicksminuteper.github.io/Gone-Pair-Shaped/

0
0

109ms
109ms

Document
text/html

185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://clicksminuteper.github.io/Gone-Pair-Shaped/

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.199.109.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

:method: GET
:authority: clicksminuteper.github.io
:scheme: https
:path: /Gone-Pair-Shaped/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 200
server: GitHub.com
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31556952
last-modified: Mon, 18 May 2020 07:55:41 GMT
etag: W/"5ec23f7d-2940"
access-control-allow-origin: *
expires: Wed, 03 Jun 2020 16:49:46 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: CB4A:4213:CB07:FA49:5ED7D252
accept-ranges: bytes
date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-ams21044-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1591202387.789080,VS0,VE93
vary: Accept-Encoding
x-fastly-request-id: 5eb698aefcefeb6611e5d934c8cb29b4993b3120
content-length: 3862

Redirect headers

status: 301
server: GitHub.com
content-type: text/html
location: https://clicksminuteper.github.io/Gone-Pair-Shaped/
x-github-request-id: 8FE0:37A6:DFA9:112F9:5ED7D252
accept-ranges: bytes
date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-ams21044-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1591202387.679807,VS0,VE92
vary: Accept-Encoding
x-fastly-request-id: 4aaf4364ac773d7df5832299e78b63f5b0fb5807
content-length: 162

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 016abb8f9d8ddc950fd1ac7301fd889269908826ccc9188d12080bc81a17f61a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Karla-Bold.ttf
top.gg/fonts/ 17 KB
10 KB 34ms
34ms Font
font/ttf 2606:4700::6810:ad38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/fonts/Karla-Bold.ttf

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ad38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6916f29111d92d1b90729c4e207b8f0a766ed1052301808e61ca8b83e994c1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/stylesheets/thenewstyle.css
Origin: https://top.gg

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1124796
x-powered-by: Express
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 031ca6aa5d00001f512e2b2200000001
last-modified: Wed, 05 Sep 2018 11:37:53 GMT
server: cloudflare
etag: W/"45cc-165a98643c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish: 508234315
content-type: font/ttf
cache-control: public, max-age=86400
cf-ray: 59dada23cdca1f51-FRA
expires: Thu, 04 Jun 2020 16:39:46 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 86ms
29ms Script
application/x-javascript 2.16.105.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.105.213 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-105-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 04 Jun 2020 16:39:46 GMT

GET
H/1.1 200
OK ad-manager.min.js Show response
hb.vntsm.com/v3/live/ Frame 4915 624 KB
192 KB 20ms
18ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: be40baa5b8d64327409f5f04004bbb9a47367764a399ba49360c5feb7bc6896d

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:46 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 185.217.171.12
Connection: keep-alive
Content-Length: 195619
Last-Modified: Tue, 02 Jun 2020 14:15:39 GMT
ETag: "62ae8ef59958265a0ea8782cb3e05a6b"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1591202386.cds118.am5.hn,1591202386.cds140.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: https://top.gg
Access-Control-Expose-Headers: X-Geo, Content-Type
Cache-Control: max-age=297
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
X-Geo: NL

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6207
date: Wed, 03 Jun 2020 14:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 03 Jun 2020 16:56:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f046:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: jRZ3BWll+V3mv2TrjOncrrPvFYKp9DGRBgZtKd91ovkRJ+v71PJus66uJp4C5RrcXDNnxhmJDiwjx/FDyEeWEg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 03 Jun 2020 16:39:46 GMT, Wed, 03 Jun 2020 16:39:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=top.gg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top.gg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200601/r20190131/ 215 KB
81 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200601/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1d8f20f5186f2f4948dbe549be3f6112d495cd7989790ea0736619eb9ad4024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 82829
x-xss-protection: 0
server: cafe
etag: 16894695404277252247
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jun 2020 16:39:46 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200601/r20190131/ Frame 6BDB 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200601/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200601/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 01 Jun 2020 16:17:59 GMT
expires: Mon, 15 Jun 2020 16:17:59 GMT
content-type: text/html; charset=UTF-8
etag: 17826495148367054107
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4284
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 174107
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1472232805&t=pageview&_s=1&dl=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&dr=http%3A%2F%2Fcardboard.glitch.me%2F&ul=en-us&de=UTF-8&dt=Car...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_gid=642903524.1591202387&gjid=1426581509&_v=j82&z=26240925
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_v=j82&z=26240925
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_v=j82&z=26240925&slf_rd=1&random=1845791350

42 B
106 B

18ms
17ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_v=j82&z=26240925&slf_rd=1&random=1845791350

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-98194944-1&cid=1127924168.1591202387&jid=2085886&_v=j82&z=26240925&slf_rd=1&random=1845791350
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 306074476768832 Show response
connect.facebook.net/signals/config/ 517 KB
129 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f046:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/306074476768832?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2154214b3df0625c56ce6bd139f3add7a0c8eec19899d5c319f2dc0010e88bad

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 131707
x-xss-protection: 0
pragma: public
x-fb-debug: M5L1aaWKoZyycrLpz+aFmmItfDoe80Xm/ksmgB5GOSjolqc94lDiA0MPMqQfxCeaoNj+VePEvguPsQNE5zV+VQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 03 Jun 2020 16:39:46 GMT, Wed, 03 Jun 2020 16:39:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 100 KB
35 KB 48ms
12ms Script
application/javascript 2600:9000:2182:3200:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:3200:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 646bcfa60237ff1a8c00340210079be9dc02a20e5ab0616302d753e544a33980

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 08:01:42 GMT
content-encoding: gzip
last-modified: Wed, 06 May 2020 01:02:21 GMT
server: AmazonS3
age: 31085
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: ZOOTNJRPcUgBhsfe-sUzVBWAKwVsaoV7ulDkC89o43tlaxfEUSengw==
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 5b608a2046e0fb0001330d9b.enc Show response
hb.vntsm.com/v2/live/ Frame 4915 40 KB
5 KB 54ms
19ms XHR
text/plain 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/5b608a2046e0fb0001330d9b.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f5708305d549c31b8ac716a868b284307a767e5e1b86587abffa7af441432851

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:46 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 185.217.171.12
Connection: keep-alive
Content-Length: 4572
Last-Modified: Mon, 01 Jun 2020 14:09:00 GMT
ETag: "a9575fafc946897dbd2ce36c9036acc0"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1591202386.cds108.am5.hn,1591202386.cds065.am5.c
Content-Type: text/plain
Access-Control-Allow-Origin: https://top.gg
Access-Control-Expose-Headers: X-Geo, Content-Type
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
X-Geo: NL

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 9FDF 0
0 30ms
29ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1065800822998704&output=html&adk=1812271804&adf=3025194257&lmt=1591202386&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32896%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591202386671&bpp=17&bdt=350&idt=134&shv=r20200601&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7603964299069&frm=20&pv=2&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&ga_fc=0&iag=0&icsg=524450&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530451%2C42530453&oid=3&pvsid=416292191534670&pem=317&ref=http%3A%2F%2Fcardboard.glitch.me%2F&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=155

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200601/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1065800822998704&output=html&adk=1812271804&adf=3025194257&lmt=1591202386&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A32896%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1591202386671&bpp=17&bdt=350&idt=134&shv=r20200601&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7603964299069&frm=20&pv=2&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&ga_fc=0&iag=0&icsg=524450&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530451%2C42530453&oid=3&pvsid=416292191534670&pem=317&ref=http%3A%2F%2Fcardboard.glitch.me%2F&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=155
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 03 Jun 2020 16:39:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 03-Jun-2020 16:54:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200601/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1590752365362815"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27673
x-xss-protection: 0
expires: Wed, 03 Jun 2020 16:39:46 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035118&ns__t=1591202386831&ns_c=UTF-8&cv=3.5&c8=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1591202386831&ns_c=UTF-8&cv=3.5&c8=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F67936155573262747...

0
528 B

29ms
28ms

Image
text/plain

2.16.105.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1591202386831&ns_c=UTF-8&cv=3.5&c8=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&c9=http%3A%2F%2Fcardboard.glitch.me%2F&cs_ak_ss=1
Requested by: Host: top.gg
URL: https://top.gg/bot/679361555732627476
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.105.213 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-105-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1591202386831&ns_c=UTF-8&cv=3.5&c8=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&c9=http%3A%2F%2Fcardboard.glitch.me%2F&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 95ms
50ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

de900a6d1f0f1c44104ecf357a37b3c6f086779f4d66977b40fb77ef00af692b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "532 / 75 of 1000 / last-modified: 1591144195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14456
x-xss-protection: 0
expires: Wed, 03 Jun 2020 16:39:46 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 359 KB
91 KB 194ms
94ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

0b433c0f8b949b33e1296f58020be5649d9e85d60ef6f3f2df2dae37c3c34ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:46 GMT
Content-Encoding: br
Last-Modified: Wed, 03 Jun 2020 14:27:03 GMT
Server: nginx/1.14.2
ETag: "5ed7b337-16bee"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93166
Expires: Wed, 03 Jun 2020 17:39:46 GMT

GET
H/1.1 200
OK cmp.complete.bundle.js Show response
hb.vntsm.com/cmp/ 144 KB
39 KB 21ms
21ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/cmp/cmp.complete.bundle.js?upapi=true
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 2a683adc51666167d40767eff12d21529572c04b6c447c2c8cd25fb6939011c6

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:46 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 185.217.171.12
Connection: keep-alive
Content-Length: 39354
Last-Modified: Thu, 15 Aug 2019 10:08:09 GMT
ETag: "41f20dab2999e75109a5faaed264ef54"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1591202386.cds118.am5.hn,1591202386.cds148.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: https://top.gg
Access-Control-Expose-Headers: X-Geo, Content-Type
Cache-Control: max-age=297
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
X-Geo: NL

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 97ms
97ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt
Content-Type: application/json

Response headers

date: Wed, 03 Jun 2020 16:39:47 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 3 KB
3 KB 13ms
12ms XHR
application/json 2600:9000:2190:7a00:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:7a00:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 383d0f5336e45ea05ac03725c0ec5ab38a02cb1173f825e607b3a5c755d9f59f

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: cvYGNal5xGaRZYDiS2z80aL3JULuLgSOakuDmdmt
Content-Type: application/json

Response headers

date: Wed, 03 Jun 2020 15:50:42 GMT
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2945
x-cache: Hit from cloudfront
status: 200
content-length: 2792
last-modified: Tue, 02 Jun 2020 15:49:23 GMT
server: AmazonS3
etag: "dce1d3ff2e5a5d518464762cd5234044"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: bu4WblROtzZ-xQAswx8WE4lEGttN183YmyvihwmrQNGs7upNCQEOEw==

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 40ms
40ms Image
image/gif 2a03:2880:f146:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306074476768832&ev=PageView&dl=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&rl=http%3A%2F%2Fcardboard.glitch.me%2F&if=false&ts=1591202387018&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591202387017.480452470&it=1591202386719&coo=false&rqm=GET

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:47 GMT, Wed, 03 Jun 2020 16:39:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Jun 2020 16:39:47 GMT

GET
H2 200 pubads_impl_2020060102.js Show response
securepubads.g.doubleclick.net/gpt/ 247 KB
88 KB 31ms
30ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060102.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

999b8d754368d546a94f10701beb184fc2050111e51f2d5650f0eb0f66be78e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 17:46:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90146
x-xss-protection: 0
expires: Wed, 03 Jun 2020 16:39:47 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 97 KB
18 KB 33ms
12ms Fetch
application/json 2600:9000:2182:1e00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:1e00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b66ddc95b6900db0e932deed2b097f047606d3dc2cc5c54fe006f14767f15bd

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 May 2020 16:10:20 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 520168
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 28 May 2020 16:00:39 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: RL7zPC8PE9_EtRp64Z4cBGzNxr7l3FAF
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: CaYsl8xIyPfCFlGcnOmJjnswtr9QhcDb1Ah3yPwLTmlqysFnyesNxw==

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/52686565/
Redirect Chain

https://mc.yandex.ru/watch/52686565?wmode=7&page-ref=http%3A%2F%2Fcardboard.glitch.me%2F&page-url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&charset=utf-8&browser-info=ti%3A10%3Ans%3A159120238...
https://mc.yandex.ru/watch/52686565/1?wmode=7&page-ref=http%3A%2F%2Fcardboard.glitch.me%2F&page-url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591202...

171 B
713 B

84ms
41ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52686565/1?wmode=7&page-ref=http%3A%2F%2Fcardboard.glitch.me%2F&page-url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591202386243%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200603183947%3Aet%3A1591202387%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A733209613576%3Arqn%3A1%3Arn%3A665004865%3Ahid%3A1004898661%3Ads%3A1%2C20%2C52%2C1%2C2%2C0%2C0%2C310%2C0%2C%2C%2C%2C388%3Afp%3A275%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591202387%3Au%3A1591202387485560694%3At%3ACardboard%20Against%20Humankind%20%7C%20Discord%20Bots

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

0f063ccb09239c54b0557824cfe33d13b7a64ae48af102d02ae68c94a09eb337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03-Jun-2020 16:39:47 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://top.gg
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 171
X-XSS-Protection: 1; mode=block
Expires: Wed, 03-Jun-2020 16:39:47 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:47 GMT
Last-Modified: Wed, 03-Jun-2020 16:39:47 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://top.gg
Strict-Transport-Security: max-age=31536000
Location: /watch/52686565/1?wmode=7&page-ref=http%3A%2F%2Fcardboard.glitch.me%2F&page-url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&charset=utf-8&browser-info=ti%3A10%3Ans%3A1591202386243%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200603183947%3Aet%3A1591202387%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A733209613576%3Arqn%3A1%3Arn%3A665004865%3Ahid%3A1004898661%3Ads%3A1%2C20%2C52%2C1%2C2%2C0%2C0%2C310%2C0%2C%2C%2C%2C388%3Afp%3A275%3Agdpr%3A14%3Av%3A1877%3Awv%3A2%3Arqnl%3A1%3Ast%3A1591202387%3Au%3A1591202387485560694%3At%3ACardboard%20Against%20Humankind%20%7C%20Discord%20Bots
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 03-Jun-2020 16:39:47 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 65ms
41ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: top.gg
URL: https://top.gg/bot/679361555732627476

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 16:39:47 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Wed, 03 Jun 2020 17:39:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200601&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200601/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d26e83df9869c2a0a261f5b74d75f0e58177f1aebcedf825362b128452863396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Jun 2020 16:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Wed, 03 Jun 2020 16:39:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F941 0
0 7ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 03 Jun 2020 15:45:32 GMT
expires: Thu, 03 Jun 2021 15:45:32 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3255
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 32ms
31ms Image
image/gif 2a03:2880:f146:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306074476768832&ev=Microdata&dl=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&rl=http%3A%2F%2Fcardboard.glitch.me%2F&if=false&ts=1591202387521&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5CtCardboard%20Against%20Humankind%20%7C%20Discord%20Bots%22%2C%22meta%3Adescription%22%3A%22%20Gone%20Pair%20Shaped!%20The%20fun%20card%20matching%20game%20for%20discord.%20(Similar%20to%20%20Cards%20Against%20Humanity%20or%20Apples%20to%20Apples)%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Cardboard%20Against%20Humankind%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftop.gg%2F%22%2C%22og%3Adescription%22%3A%22%20Gone%20Pair%20Shaped!%20The%20fun%20card%20matching%20game%20for%20discord.%20(Similar%20to%20%20Cards%20Against%20Humanity%20or%20Apples%20to%20Apples)%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.discordapp.net%2Favatars%2F679361555732627476%2F3785a79660b92f7bff5ec698837f4cf3.png%3Fsize%3D512%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1591202387017.480452470&it=1591202386719&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:47 GMT, Wed, 03 Jun 2020 16:39:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Jun 2020 16:39:47 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200601&jk=416292191534670&bg=!zM-lz9dYsRm23986imwCAAAAUVIAAAAOmQFuqFOMBU2wpG8BNPbcCRcvvDuLsWOPWe8NMcnoUUiCeGsBKbtVQQ03SWwUOZDWq6O64AbCkCfzjLnn01lOly61bFNnFVq24zpowhI9Ks-sK9m7uoGf7_rxXK8vUvGorO9dn5Ls2fKKCoFeVh0oO68J-ukc6FAxPHNAOpwqE1VxnNNqMBUJFrDs7uT7aYu9kjumidwAiqAle25gXHr-0eyPT2cYUO29vyPfQg1cfzVZfePRuxiAPbwYxV4gtcGZetGjr-Ofwwp2GUL7RzLhENOYZBtRfxpi7dHQNvbr-w0qn_kECuITcovMpv6gAwyaVSOFCs_H6noVQm-qeXcUChGQ7tmPGXfZeyyOaiR45u7QY7HeYJo8dRMyeM9VzUr5uFvhLAuu4DwtesW9pl3RD5JdpQjZJO7jMP2nxs8VrKNlffwrLVn4Vykkjv6Sly9g8CV7_yIL1bQGBTYap-yWWlhcu1BQsMxlWH6atawR3yjN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4915 239 B
2 KB 352ms
267ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&rf=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&tk_flint=pbjs_lite_v3.15.0&x_source.tid=e25a3624-9e0d-4df2-b1af-760a91adbde1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1340547298738417
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d026afae1a30ff2c1762d2b5de872c1f5af8179538f5dc1283826d9ad66803ed

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:52 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=29
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4915 240 B
2 KB 303ms
218ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&rf=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&tk_flint=pbjs_lite_v3.15.0&x_source.tid=418d01c8-1943-41b8-a71e-db5c7ea41c3e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.25710925254890116
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 67ea5bfd248862be7c2eddf5175a77b20c20a859bf453ba43d11b06e086e7281

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:52 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=469
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4915 239 B
2 KB 355ms
270ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&rf=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&tk_flint=pbjs_lite_v3.15.0&x_source.tid=fc1af91b-4020-4c58-bca5-9b117988b925&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9598552688141995
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 9a6a8721f1be20e632c8b3c63b55f3464dbed2dd411eab7793175960e8b21d27

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:52 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=498
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 4915 187 B
603 B 169ms
113ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&CanonicalUrl=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

03a347e6a1369d587a58ea526e27dd04de3f7af1d3727577d0367f406db2bc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jun 2020 16:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
status: 200
x-envoy-upstream-service-time: 88
vary: Accept-Encoding
content-length: 148
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4915 358 B
1 KB 70ms
26ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f79c96abe383edddfa73485561d5953a526ae5fb43c7c589fe67dab1e80ddd46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:54 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.184:80
AN-X-Request-Uuid: ca68a9a4-6404-4d2d-bb3c-534a12e66a9f
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 358
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 4915 0
217 B 104ms
37ms XHR
text/plain 52.209.94.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%220-5b608e9746e0fb0001318a60-1%22%2C%22callback_id%22%3A%2212583d32e1c95d5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%2C%7B%22placement_id%22%3A%221-5b608e8946e0fb0001baabbd-1%22%2C%22callback_id%22%3A%2213da90d6365ff91%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%2C%7B%22placement_id%22%3A%222-5b608e9746e0fb0001318a60-1%22%2C%22callback_id%22%3A%2214d558c0afeaca3%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%5D&page_url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&bust=1591202392189&pr=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&scrd=1&dnt=false&e=90&description=&title=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3Afalse%7D&us_privacy=undefined&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.94.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-94-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:52 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://top.gg
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 4915 25 B
980 B 202ms
143ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=171882&v=7.2&r=%7B%22id%22%3A%221577e142f052a77%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221687878a4a7cb2a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22176448e1285ca3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221842f6a9427367b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 878f12637214c8a9ba776b5f7b60d2f18189de94df8b74550d887293bf6d9ffb

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Wed, 03 Jun 2020 16:39:52 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4915 0
136 B 52ms
17ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.15.0&cb=60111747163
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 03 Jun 2020 16:39:51 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://top.gg
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4915 370 B
1 KB 165ms
124ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0e5fa5d50b6896b935bbbf15ade60402c9f4d2658436cf9635ebcb5c9e94bbe3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:54 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.119:80
AN-X-Request-Uuid: cc1b1d68-176b-49d9-896b-912b27957318
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 370
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4915 0
109 B 131ms
93ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 03 Jun 2020 16:39:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://top.gg

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 4915 47 B
715 B 97ms
59ms XHR
application/json 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.15.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 23f8fdf4a2e9f46c0097ff52b1527527b723e1ba35228900457602268380c468

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 03 Jun 2020 16:39:52 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://top.gg
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame 4915 19 B
468 B 115ms
66ms XHR
application/json 3.127.120.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.15.0&referrer=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&tmax=3500&gdpr=false

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.127.120.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-120-24.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:52 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://top.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4915 0
53 B 77ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 03 Jun 2020 16:39:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://top.gg

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 4915 25 B
973 B 143ms
143ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=171882&v=7.2&r=%7B%22id%22%3A%224285ac5ae4351ae%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2243044ff5615d158%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2954e96a0969861ddfa5282a961e32eb5d7a3e52367676d105382099f69f00a0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:52 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Wed, 03 Jun 2020 16:39:52 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 4915 0
217 B 37ms
37ms XHR
text/plain 52.209.94.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%221000-5d5561e494fc8910b6354ecc-1%22%2C%22callback_id%22%3A%2245c956af9062229%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%5D&page_url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&bust=1591202392599&pr=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&scrd=1&dnt=false&e=90&description=&title=Cardboard%20Against%20Humankind%20%7C%20Discord%20Bots&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3Afalse%7D&us_privacy=undefined&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D&
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.94.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-94-187.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 16:39:52 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://top.gg
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4915 143 B
1 KB 102ms
102ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

2e8a5d5e8aec3f59a4591e5cbb1ee9240655b46282b0fad455f01dbc9d6f071b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:54 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.23:80
AN-X-Request-Uuid: c7696100-606e-4fb2-8e14-a07848a4a7b9
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4915 145 B
1 KB 103ms
103ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f8cbe005800c027707eba92c1101ee508969db7cdb8de5d1efd1a81635cd926e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:54 GMT
X-Proxy-Origin: 185.217.171.12; 185.217.171.12; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.41:80
AN-X-Request-Uuid: 62725101-ab40-4642-b3de-f6e2fa0128db
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4915 259 B
1 KB 266ms
266ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&rf=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&tk_flint=pbjs_lite_v3.15.0&x_source.tid=13366c8a-0c11-411d-b30d-b07155e07bc1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9990767653619579
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 6d526a9c97ceda7887728ee58666cb429203be37fdb51e732f934ae7dc8f6ad0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 03 Jun 2020 16:39:52 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=427
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 4915 0
136 B 16ms
16ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.15.0&cb=78495502940
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 03 Jun 2020 16:39:51 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://top.gg
timing-allow-origin: *
vary: Origin

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 454ms
454ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=416292191534670&correlator=3780430859975736&output=ldjh&impl=fifs&adsid=NT&eid=21066211&vrg=2020060102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200603&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_pb%3D0.01%26hb_adid%3D5b608e9746e0fb0001318a60-0%26hb_iv%3D1%26sv%3D1%26re_ve%3D4392396-1%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5b608e9746e0fb0001318a60%26co%3DNL%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dtrue%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1591202393&dt=1591202393578&dlt=1591202386321&idt=1058&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=135&adks=1789975092&ucis=1&ifi=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ref=http%3A%2F%2Fcardboard.glitch.me%2F&dssz=26&icsg=41945738&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1600x90&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9fb98831a4fa390fd1bdedb7e453fb65b5ba662aad130feac49ea0abda36148f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8478
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 50ms
15ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
9 KB 333ms
333ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=416292191534670&correlator=1697034817967214&output=ldjh&impl=fifs&adsid=NT&eid=21066211&vrg=2020060102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200603&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_pb%3D0.01%26hb_adid%3D5b608e8946e0fb0001baabbd-1%26hb_iv%3D1%26sv%3D1%26re_ve%3D4392396-1%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5b608e8946e0fb0001baabbd%26co%3DNL%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dtrue%26ta_si%3D300x250%26rt_sh%3D0.8%26di_sh%3D0.7&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1591202393&dt=1591202393601&dlt=1591202386321&idt=1058&frm=20&biw=1600&bih=1200&oid=3&adxs=926&adys=296&adks=1630650846&ucis=2&ifi=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ref=http%3A%2F%2Fcardboard.glitch.me%2F&dssz=26&icsg=41945738&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=455x291&msz=431x250&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

41ee2aa46231a7f4579636afad3cdfc5da3ee8c5d74e84c88103a8aa2832f4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8412
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 389ms
389ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=416292191534670&correlator=1107564000452013&output=ldjh&impl=fifs&adsid=NT&eid=21066211&vrg=2020060102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200603&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=hb_pb%3D0.01%26hb_adid%3D5b608e9746e0fb0001318a60-2%26hb_iv%3D1%26sv%3D1%26re_ve%3D4392396-1%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5b608e9746e0fb0001318a60%26co%3DNL%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dtrue%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1591202393&dt=1591202393611&dlt=1591202386321&idt=1058&frm=20&biw=1600&bih=1200&oid=3&adxs=148&adys=791&adks=1789975094&ucis=3&ifi=3&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ref=http%3A%2F%2Fcardboard.glitch.me%2F&dssz=26&icsg=41945738&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1304x90&msz=1304x90&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&fws=4&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060102.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b3dbad8348dea507ea60afa2506c98a208c18ea485f2359045005c2162dfef6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 16:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8478
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track.venatusmedia.com/dual/ Frame 4915 16 B
157 B 32ms
32ms XHR
application/json 34.250.167.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.167.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-167-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://top.gg/bot/679361555732627476
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Wed, 03 Jun 2020 16:39:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://top.gg
content-length: 16
vary: Origin
content-type: application/json

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
H2 200 container.html
1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame ABBF 0
0 8ms
7ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Jun 2020 16:39:53 GMT
expires: Thu, 03 Jun 2021 16:39:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CB21 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Jun 2020 16:39:53 GMT
expires: Thu, 03 Jun 2021 16:39:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html
1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BC22 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/679361555732627476
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/679361555732627476

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Wed, 03 Jun 2020 16:39:53 GMT
expires: Thu, 03 Jun 2021 16:39:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=416292191534670&correlator=1874980571428432&output=ldjh&impl=fifs&adsid=NT&eid=21066211&vrg=2020060102&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200603&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=hb_pb%3D0.01%26hb_adid%3D5d5561e494fc8910b6354ecc-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D4392396-1%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5d5561e494fc8910b6354ecc%26co%3DNL%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dtrue%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7%26st_ty%3Dhorb&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1591202393&dt=1591202393887&dlt=1591202386321&idt=1058&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1466599381&ucis=4&ifi=4&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F679361555732627476&ref=http%3A%2F%2Fcardboard.glitch.me%2F&dssz=26&icsg=41945738&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1127924168.1591202387&ga_sid=1591202387&ga_hid=1472232805&fws=644&ohw=1600

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.top.gg/	1970-01-19 18:45:38	Name: _ym_d Value: 1591202387
.top.gg/	1970-01-19 12:09:38	Name: _fbp Value: fb.1.1591202387017.480452470
.top.gg/	1970-01-19 10:01:14	Name: _ym_isad Value: 2
.top.gg/	1970-01-19 18:45:38	Name: _ym_uid Value: 1591202387485560694
.top.gg/	1970-01-19 10:00:02	Name: _gat Value: 1
.top.gg/	1970-01-19 10:01:28	Name: _gid Value: GA1.2.642903524.1591202387
.top.gg/	1970-01-20 03:31:14	Name: _ga Value: GA1.2.1127924168.1591202387
.doubleclick.net/	1970-01-19 10:00:03	Name: test_cookie Value: CheckForPermission
.top.gg/	1970-01-19 10:43:14	Name: __cfduid Value: dd00051f1d90c7aeb3e80fb1e62abc2711591202386

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/3820.js(Line 1) Message: Bad request
console-api	log	URL: https://top.gg/bot/679361555732627476(Line 560) Message: GA Loaded
console-api	log	URL: https://hb.vntsm.com/v3/live/ad-manager.min.js(Line 35) Message: load func

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f73a996fc1e0c2328f93429f4387125.safeframe.googlesyndication.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
as-sec.casalemedia.com
bidder.criteo.com
cardboard.glitch.me
cdn.thisiswaldo.com
cdnjs.cloudflare.com
clicksminuteper.github.io
connect.facebook.net
d1oykxszdrgjgl.cloudfront.net
dw7nrwnn2bkh1.cloudfront.net
fastlane.rubiconproject.com
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.vntsm.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
images.discordapp.net
mc.yandex.ru
pagead2.googlesyndication.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tlx.3lift.com
top.gg
tpc.googlesyndication.com
track.venatusmedia.com
vendorlist.consensu.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
securepubads.g.doubleclick.net
151.139.128.11
162.159.130.232
172.217.16.130
178.250.2.152
185.199.109.153
185.255.84.151
185.64.189.112
2.16.105.213
216.52.2.48
2600:9000:2182:1e00:1:af78:4c0:93a1
2600:9000:2182:3200:0:1651:6140:21
2600:9000:2182:d600:4:164e:ca00:93a1
2600:9000:2190:7a00:6:266a:9940:21
2606:4700::6810:84e5
2606:4700::6810:ad38
2a00:1450:4001:809::2002
2a00:1450:4001:814::2001
2a00:1450:4001:81b::2001
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
2a02:6b8::1:119
2a03:2880:f046:f:face:b00c:0:3
2a03:2880:f146:82:face:b00c:0:25de
3.127.120.24
34.250.167.59
34.95.69.49
37.252.172.250
52.209.94.187
52.3.101.162
54.76.182.86
69.173.144.140
72.247.225.98
014aaf6b67fe0320992f3c7662f9b0cca42e43e6a39ad1f8d55337b126680069
016abb8f9d8ddc950fd1ac7301fd889269908826ccc9188d12080bc81a17f61a
03a347e6a1369d587a58ea526e27dd04de3f7af1d3727577d0367f406db2bc55
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0b433c0f8b949b33e1296f58020be5649d9e85d60ef6f3f2df2dae37c3c34ba4
0e5fa5d50b6896b935bbbf15ade60402c9f4d2658436cf9635ebcb5c9e94bbe3
0f063ccb09239c54b0557824cfe33d13b7a64ae48af102d02ae68c94a09eb337
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e876ca5c8e137704d63fdb7271870b2a58f9209caecea6f4f5f078b4bd80ec
2154214b3df0625c56ce6bd139f3add7a0c8eec19899d5c319f2dc0010e88bad
23f8fdf4a2e9f46c0097ff52b1527527b723e1ba35228900457602268380c468
246e2041d916a23d05ba0a0f17deb24c0b797e3557f9f7ea59f695a2d3e92444
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
2954e96a0969861ddfa5282a961e32eb5d7a3e52367676d105382099f69f00a0
2a683adc51666167d40767eff12d21529572c04b6c447c2c8cd25fb6939011c6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e5e19f265f9fb4a46c9b5c8112e89f188d4654045710b097d2d34c1b5dd6c6f
2e8a5d5e8aec3f59a4591e5cbb1ee9240655b46282b0fad455f01dbc9d6f071b
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
383d0f5336e45ea05ac03725c0ec5ab38a02cb1173f825e607b3a5c755d9f59f
41ee2aa46231a7f4579636afad3cdfc5da3ee8c5d74e84c88103a8aa2832f4e5
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5712a53776686fef9a8dc555dac2809e820427e43bf2ca0766a5d81e11fea285
59b75f1fc71877b8bf4e2555cc4e3808d8a6e85f4444bebab892ad7c369dc4b1
5d8edd3ed4fb5886041f0b87a376a55473fdbc1ffc9bff08f4e3ee715a88fddf
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
646bcfa60237ff1a8c00340210079be9dc02a20e5ab0616302d753e544a33980
67ea5bfd248862be7c2eddf5175a77b20c20a859bf453ba43d11b06e086e7281
6916f29111d92d1b90729c4e207b8f0a766ed1052301808e61ca8b83e994c1ba
6b66ddc95b6900db0e932deed2b097f047606d3dc2cc5c54fe006f14767f15bd
6d526a9c97ceda7887728ee58666cb429203be37fdb51e732f934ae7dc8f6ad0
878f12637214c8a9ba776b5f7b60d2f18189de94df8b74550d887293bf6d9ffb
95018f9a8b5082e043203868cc97724763e166fe34cc7d0624bffd7219f22134
99115cf1c9f8653a2413bb0549eaecd878124d4a3ea4026d9268d850965489a2
999b8d754368d546a94f10701beb184fc2050111e51f2d5650f0eb0f66be78e7
9a3d4cd1ada309f3b6a0f59e29999c98e758d6130bf2c80597d4c3e017e531a7
9a6a8721f1be20e632c8b3c63b55f3464dbed2dd411eab7793175960e8b21d27
9fb98831a4fa390fd1bdedb7e453fb65b5ba662aad130feac49ea0abda36148f
a1d8f20f5186f2f4948dbe549be3f6112d495cd7989790ea0736619eb9ad4024
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
b3dbad8348dea507ea60afa2506c98a208c18ea485f2359045005c2162dfef6f
b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983
be40baa5b8d64327409f5f04004bbb9a47367764a399ba49360c5feb7bc6896d
c07b080455e4aa0b120a1ac673717385841ea07693f0cd4f30b5a1cc03b68271
c757b4ebd129ae8db2350a3caa1462c7934599f983c085e059cc6511e332a86c
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d026afae1a30ff2c1762d2b5de872c1f5af8179538f5dc1283826d9ad66803ed
d26e83df9869c2a0a261f5b74d75f0e58177f1aebcedf825362b128452863396
d3573a4eac212c2acff3d06629135a3b96d8a373b4f92779733d8926f411b818
de900a6d1f0f1c44104ecf357a37b3c6f086779f4d66977b40fb77ef00af692b
e2e0c223601a6a31d42d9a85152169a457938127b07446d26d9e10ddf6084969
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6fdcffc8ab6e5fcaece97aabd5e5375ea4b4c60bf969c793121189cbbeede1
ee887e32114088bbf4428bd544a6ed0ed5fd00d490dc8d5ec1868d736ac0b894
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5708305d549c31b8ac716a868b284307a767e5e1b86587abffa7af441432851
f79c96abe383edddfa73485561d5953a526ae5fb43c7c589fe67dab1e80ddd46
f8cbe005800c027707eba92c1101ee508969db7cdb8de5d1efd1a81635cd926e

top.gg Open in urlscan Pro 2606:4700::6810:ad38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

80 Requests

96 %HTTPS

49 %IPv6

31 Domains

38 Subdomains

34 IPs

9 Countries

1264 kBTransfer

3738 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

top.gg Open in urlscan Pro
2606:4700::6810:ad38 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

49 %
IPv6

31
Domains

38
Subdomains

34
IPs

9
Countries

1264 kB
Transfer

3738 kB
Size

9
Cookies

80 HTTP transactions
2 data transactions