wtycoon.minigame.vip Open in urlscan Pro
104.18.3.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wtycoon.minigame.vip/
Submission: On January 11 via api (January 11th 2024, 7:00:49 pm UTC) from US — Scanned from US

Summary HTTP 76 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 76 HTTP transactions. The main IP is 104.18.3.128, located in and belongs to CLOUDFLARENET, US. The main domain is wtycoon.minigame.vip.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 8th 2024. Valid for: a year.

This is the only time wtycoon.minigame.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	104.18.3.128 104.18.3.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1 5	142.250.80.98 142.250.80.98	15169 (GOOGLE) (GOOGLE)
14	142.251.41.14 142.251.41.14	15169 (GOOGLE) (GOOGLE)
3	142.250.176.202 142.250.176.202	15169 (GOOGLE) (GOOGLE)
6	142.250.80.99 142.250.80.99	15169 (GOOGLE) (GOOGLE)
15	142.250.81.225 142.250.81.225	15169 (GOOGLE) (GOOGLE)
2	142.251.42.35 142.251.42.35	15169 (GOOGLE) (GOOGLE)
1	142.251.40.206 142.251.40.206	15169 (GOOGLE) (GOOGLE)
1	172.217.135.71 172.217.135.71	15169 (GOOGLE) (GOOGLE)
2	142.250.80.35 142.250.80.35	15169 (GOOGLE) (GOOGLE)
2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1	142.251.35.164 142.251.35.164	15169 (GOOGLE) (GOOGLE)
76	14

10 104.18.3.128 (None, )

ASN13335 (CLOUDFLARENET, US)

wtycoon.minigame.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res.minigame.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.80.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.41.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.176.202 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.81.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.35 (United States)

ASN15169 (GOOGLE, US)
PTR: bom12s20-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.206 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f14.1e100.net

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.135.71 (United States)

ASN15169 (GOOGLE, US)
PTR: iad23s95-in-f7.1e100.net

rr2---sn-p5qlsny6.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.164 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	476 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6	71 KB
10	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	131 KB
10	minigame.vip wtycoon.minigame.vip res.minigame.vip — Cisco Umbrella Rank: 122711	374 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	109 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	130 KB
1	googlevideo.com rr2---sn-p5qlsny6.googlevideo.com — Cisco Umbrella Rank: 38522	774 KB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 2361	11 KB
76	10

	Domain	Requested by
15	tpc.googlesyndication.com	wtycoon.minigame.vip googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com wtycoon.minigame.vip
13	pagead2.googlesyndication.com	wtycoon.minigame.vip pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.gstatic.com	wtycoon.minigame.vip googleads.g.doubleclick.net
6	wtycoon.minigame.vip	wtycoon.minigame.vip
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
4	res.minigame.vip	wtycoon.minigame.vip
3	fonts.googleapis.com	googleads.g.doubleclick.net wtycoon.minigame.vip
2	www.googleadservices.com	wtycoon.minigame.vip
2	fonts.gstatic.com	fonts.googleapis.com
2	csi.gstatic.com	www.gstatic.com
2	www.googletagservices.com	wtycoon.minigame.vip googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	rr2---sn-p5qlsny6.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
76	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
play.google.com
www.minigame.vip
about.minigame.vip

Subject Issuer	Validity	Valid
*.minigame.vip RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2024-01-08` - `2025-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-02` - `2024-03-12`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://wtycoon.minigame.vip/
Frame ID: 97C42E4BDFB8984252984118C9CEF298
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 610E4E9269E85B6145752F991DC4A8ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&adk=1812271804&adf=1573534164&lmt=1704698144&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwtycoon.minigame.vip%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704999642773&bpp=4&bdt=131&idt=200&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3881577581502&frm=20&pv=2&ga_vid=2057024283.1704999643&ga_sid=1704999643&ga_hid=1068603364&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31080263%2C42532599%2C44809005%2C44809531%2C95320868%2C95320888&oid=2&pvsid=3995175955020067&tmod=746563122&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Frame ID: 7B9D5D7C788369D7559B2D0D673424DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&h=280&adk=1290130597&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1704698144&rafmt=1&format=1200x280&url=https%3A%2F%2Fwtycoon.minigame.vip%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704999642777&bpp=2&bdt=135&idt=225&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3881577581502&frm=20&pv=1&ga_vid=2057024283.1704999643&ga_sid=1704999643&ga_hid=1068603364&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31080263%2C42532599%2C44809005%2C44809531%2C95320868%2C95320888&oid=2&pvsid=3995175955020067&tmod=746563122&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=231
Frame ID: 6B4ACEE303EE3F0816D8B6ABE379002D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1
Frame ID: F52FA033ED9D213165467C9E156248F7
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: E8EAFD59EF71E61F37D931CE66315566
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: BE2394D28C519B6FB54A24F16E996D5E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js
Frame ID: C66D4AD3F733D534909A20CD540C1CEB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6A4E25D390FD925E4634C3997B860F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8C0D8EAD4994AA8FA892C91393D867F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Minigame and Have Fun

Detected technologies

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

76
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

14
IPs

2
Countries

2079 kB
Transfer

3834 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Minigamevip-109189840518002
Title: Facebook Page

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/developer?id=MiniGame.vip
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.minigame.vip/
Title: https://www.minigame.vip

Search URL Search Domain Scan URL

URL: https://about.minigame.vip/
Title: About

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://googleads.g.doubleclick.net/pagead/adview?ai=CYS1-2zqgZZ2-AsSdxtYPvMOYmA2PsLWIdZrGyYfVD5qUm6roDhABIPSV-ooBYMmumY3spIAQoAHQ4rO8AcgBCagDAcgDywSqBNIBT9CHGrGdHcskajAZgxp2htOZtFHqwCp7ODdEpV6VvPNPc2A1pt7KYwPu1UbykmoDgOesXBvd7f29SKrn1F__6-2OrxPEEuw2dxa4u5cbUTVUyrLojNsvvdrloi1T0KjXPp4gQYxNRvjt0XKPAVZl25P-edmOi1UOSaKNmiFoaDiQaXywDmQb6aUjEKeAyC-Nw8_HokAFlxs7ZDt9ppOSCnUEQvbKEJDcFzRkqq0iNEWjJRM6xMVZK5_6jyJLdMpsy0JExAdFWqN2HJ-s1BSNO-J7wATerO287gOIBfffxKE9kgUECAQYAZIFBAgFGASgBi6AB5idzMMCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ6Z2TAtIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY1_vC0ILWgwOaCRhodHRwczovL3NlYXJjaC55YWhvby5jb22ACgHICwHaDBEKCxDAsdft7OXP9cwBEgIBA7gT5APYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzk2MjI0MjU4NzE5MDM5NRgA&sigh=AcXto41aiaU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_cJdEEn3ojDI3a_5srgPvcMxd2Up6oMfeRrtRFHqjzdcTCK12wfxy7bKm1NL-GJe7be99liyQ3zdpJw_eyTGLBTtL8Y5yKG1BbBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc17336bf860103930000000000000000%22,%222%22:%220xa7589279ba193630000000000000000%22,%223%22:%220x654aa44e0f3a06830000000000000000%22,%224%22:%220xed63273f6a113cab0000000000000000%22,%225%22:%220xaeca84165e2de77b0000000000000000%22},%22debug_key%22:%221168038512619104598%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22395112784%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215797477912597816769%22}&andc=true

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wtycoon.minigame.vip/ 142 KB
22 KB 320ms
31ms Document
text/html 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224581d4b4756eae254d42cc58abdea0bc79c90bc67649afcd0f56884732d2d1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 289541
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 843f67764cb65908-IAD
content-encoding: br
content-md5: 39PafUvOFAfvUs2HdTc/wA==
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 19:00:42 GMT
expires: Thu, 11 Jan 2024 20:00:42 GMT
last-modified: Mon, 08 Jan 2024 07:15:44 GMT
server: cloudflare
vary: Accept-Encoding
x-oss-hash-crc64ecma: 16528004209263536916
x-oss-object-type: Normal
x-oss-request-id: 659BCFD5AA0DCC3235E347A4
x-oss-server-time: 5
x-oss-storage-class: Standard

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 88ms
45ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

52a0dcd4144af6b27373a4f6362d4678656b6e161655f3f7d22113cfb40a8898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
Origin: https://wtycoon.minigame.vip
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51446
x-xss-protection: 0
server: cafe
etag: 11286251171981696910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 11 Jan 2024 19:00:42 GMT

GET
H2 200 handlebars.runtime.min.js Show response
wtycoon.minigame.vip/static/lib/handlebars/ 20 KB
7 KB 23ms
21ms Script
application/javascript 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wtycoon.minigame.vip/static/lib/handlebars/handlebars.runtime.min.js
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d4f2087bafa41335f248a267683d382489057856bb3c66465be2220964d749

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
content-encoding: br
x-oss-request-id: 659BD9DE87C3E83533A9BAC2
cf-cache-status: HIT
content-md5: X2z1BWNKJrnwIuSjST/VMg==
age: 286972
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Thu, 28 Dec 2023 06:09:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
x-oss-storage-class: Standard
cf-ray: 843f67769d075908-IAD
x-oss-hash-crc64ecma: 2534428391629716180
x-oss-server-time: 4
expires: Thu, 11 Jan 2024 20:00:42 GMT

GET
H3 200 gamebox.precompiled.min.js Show response
wtycoon.minigame.vip/static/scripts/ 13 KB
2 KB 29ms
27ms Script
application/javascript 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wtycoon.minigame.vip/static/scripts/gamebox.precompiled.min.js
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f474329659302bd1c84413b3df3c1116c0543de959f2bdd0df76d9c3afdc10a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
content-encoding: br
x-oss-request-id: 659C0FD4E69BAC32350471AD
cf-cache-status: HIT
content-md5: DUlCu6XmAp03xGnNTbmPsg==
age: 273158
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Thu, 28 Dec 2023 06:09:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
x-oss-storage-class: Standard
cf-ray: 843f6776db112090-IAD
x-oss-hash-crc64ecma: 13727359308223823417
x-oss-server-time: 6
expires: Thu, 11 Jan 2024 20:00:42 GMT

GET
H2 200 logo.png
wtycoon.minigame.vip/static/images/ 14 KB
14 KB 18ms
17ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtycoon.minigame.vip/static/images/logo.png
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc803e447f49e61597a4c90d248dcb7098817333def46729b401a1d5df4e741

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
x-oss-request-id: 659BD9DE18BC1F3036B98C09
cf-cache-status: HIT
content-md5: i+AzHroWkZ5wqNgpa9JPcw==
age: 286972
cf-polished: origSize=16270
alt-svc: h3=":443"; ma=86400
content-length: 14395
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Dec 2023 06:09:12 GMT
server: cloudflare
etag: "8BE0331EBA16919E70A8D8296BD24F73"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 843f67769d025908-IAD
x-oss-hash-crc64ecma: 6350996011986990953
x-oss-server-time: 6
expires: Thu, 11 Jan 2024 20:00:42 GMT

GET
H2 200 email-decode.min.js Show response
wtycoon.minigame.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 11ms
10ms Script
application/javascript 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wtycoon.minigame.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
server: cloudflare
etag: W/"658bfe17-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 843f67769d055908-IAD
expires: Sat, 13 Jan 2024 19:00:42 GMT

GET
H3 200 lazy-img.png
wtycoon.minigame.vip/static/images/ 20 KB
20 KB 19ms
19ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wtycoon.minigame.vip/static/images/lazy-img.png
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d30d9a500c3b6166184038d730883c4f8111383bdc3e03a24e7100d3d98dc0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
x-oss-request-id: 659BFBCEF3C1973035FBAC47
cf-cache-status: HIT
content-md5: GLJ93Vr492O9Jj9Xpbuvpw==
age: 278284
cf-polished: origSize=25970
alt-svc: h3=":443"; ma=86400
content-length: 20081
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Dec 2023 06:09:12 GMT
server: cloudflare
etag: "18B27DDD5AF8F763BD263F57A5BBAFA7"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 843f67772b742090-IAD
x-oss-hash-crc64ecma: 8113879449524815603
x-oss-server-time: 5
expires: Thu, 11 Jan 2024 20:00:42 GMT

GET
H2 200 rope-king_banner.png
res.minigame.vip/gc-assets/rope-king/ 39 KB
39 KB 536ms
39ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/rope-king/rope-king_banner.png
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99970406c12b6fa22843306b60cda77a0fbcd82d9e8cd98dc616e49d5ac51cff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
x-oss-request-id: 658BC628D5AF493732EEBC95
cf-cache-status: HIT
content-md5: Tl3FtwIjXMKneGT8TP/mCQ==
age: 130778
cf-polished: origSize=43537
alt-svc: h3=":443"; ma=86400
content-length: 40059
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Dec 2023 08:11:27 GMT
server: cloudflare
etag: "4E5DC5B702235CC2A77864FC4CFFE609"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 843f677a49525908-IAD
x-oss-hash-crc64ecma: 4474783333578689331
x-oss-server-time: 11
expires: Sat, 27 Jan 2024 19:00:43 GMT

GET
H2 200 fish-go-io_banner.png
res.minigame.vip/gc-assets/fish-go-io/ 96 KB
96 KB 515ms
19ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/fish-go-io/fish-go-io_banner.png
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b08f14d72bb1f3f67321e043dcfc3a245d31e72f5cc68b0b831c91f9532afa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
x-oss-request-id: 658BC41428CBA431370A7AE0
cf-cache-status: HIT
content-md5: Iktxeq3nSLNiBQuCoNE1Ig==
age: 131516
cf-polished: origSize=101311
alt-svc: h3=":443"; ma=86400
content-length: 97833
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Dec 2023 09:22:41 GMT
server: cloudflare
etag: "224B717AADE748B362050B82A0D13522"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 843f677a49505908-IAD
x-oss-hash-crc64ecma: 11994825936391344531
x-oss-server-time: 5
expires: Sat, 27 Jan 2024 19:00:43 GMT

GET
H2 200 survival-raft_banner.png
res.minigame.vip/gc-assets/survival-raft/ 92 KB
93 KB 525ms
29ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/survival-raft/survival-raft_banner.png
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2290d67ad6c11a5805d9e07b1bb7acfd033e5634bbb8f2c908465a9ca1f329c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
x-oss-request-id: 65786400C3E0A230321CCB37
cf-cache-status: HIT
content-md5: ILNXGAoi3qt9Yo4HmzYqfQ==
age: 191425
cf-polished: origSize=97991
alt-svc: h3=":443"; ma=86400
content-length: 94513
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Wed, 06 Dec 2023 06:11:18 GMT
server: cloudflare
etag: "20B357180A22DEAB7D628E079B362A7D"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 843f677a494f5908-IAD
x-oss-hash-crc64ecma: 17037535498994923188
x-oss-server-time: 16
expires: Sat, 27 Jan 2024 19:00:43 GMT

GET
H2 200 boss-go-go_banner.png
res.minigame.vip/gc-assets/boss-go-go/ 79 KB
79 KB 531ms
35ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/boss-go-go/boss-go-go_banner.png
Requested by: Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 729b0a5590c68a75b733455a25e8697e254e0b7abba576b666d8ff2e07c55ad3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
x-oss-request-id: 658BD78A2ABDCB3534E86464
cf-cache-status: HIT
content-md5: 6V4PTbdo2QjvEwt0tczWIA==
age: 126406
cf-polished: origSize=84014
alt-svc: h3=":443"; ma=86400
content-length: 80536
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Dec 2023 09:44:09 GMT
server: cloudflare
etag: "E95E0F4DB768D908EF130B74B5CCD620"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 843f677a49535908-IAD
x-oss-hash-crc64ecma: 11806036815987439993
x-oss-server-time: 6
expires: Sat, 27 Jan 2024 19:00:43 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 101ms
71ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

1a56ac4a646735bb6c4f3c9bdb9fffd3cd442371ffd7d3aea737e94c20eb6e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139397
x-xss-protection: 0
server: cafe
etag: 10631431714402181318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:00:42 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 610E 9 KB
4 KB 52ms
14ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 10580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 16:04:22 GMT
etag: 5035419970550746386
expires: Thu, 25 Jan 2024 16:04:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B9D 246 KB
60 KB 652ms
651ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&adk=1812271804&adf=1573534164&lmt=1704698144&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwtycoon.minigame.vip%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704999642773&bpp=4&bdt=131&idt=200&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3881577581502&frm=20&pv=2&ga_vid=2057024283.1704999643&ga_sid=1704999643&ga_hid=1068603364&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31080263%2C42532599%2C44809005%2C44809531%2C95320868%2C95320888&oid=2&pvsid=3995175955020067&tmod=746563122&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

bead379f69d00767e601c46e96f45ec7b97ca4fd79a5d6c3cf21945616cc28e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 61093
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:00:43 GMT
expires: Thu, 11 Jan 2024 19:00:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B4A 120 KB
40 KB 1361ms
1360ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&h=280&adk=1290130597&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1704698144&rafmt=1&format=1200x280&url=https%3A%2F%2Fwtycoon.minigame.vip%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704999642777&bpp=2&bdt=135&idt=225&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3881577581502&frm=20&pv=1&ga_vid=2057024283.1704999643&ga_sid=1704999643&ga_hid=1068603364&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31080263%2C42532599%2C44809005%2C44809531%2C95320868%2C95320888&oid=2&pvsid=3995175955020067&tmod=746563122&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

08ac4ca46e0d261241581b391d9844b381ddca8185ab62f99eb4402ce269433a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40882
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:00:44 GMT
expires: Thu, 11 Jan 2024 19:00:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 161 KB
55 KB 70ms
69ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

e1312cb887be0ca55c2c1b2c10c99b520ab188d2622ec59bb27400bd2ce63b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56246
x-xss-protection: 0
server: cafe
etag: 15076789424696068990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:00:43 GMT

GET
H2 200 ca-pub-3962242587190395 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 112ms
59ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3962242587190395?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

48b8b7a25149872872d7b72c5993c511ba6cd252bbddb26e399701e493764c26

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RrECDblw3bc7Guo6vCU-mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-RrECDblw3bc7Guo6vCU-mA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 93 KB
32 KB 44ms
44ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

7f71cebc981ec97d2bc89d4d725296789babdf7ca04799ce05f969ffbbb231c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32959
x-xss-protection: 0
server: cafe
etag: 14135413581694636473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:00:43 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame F52F 9 KB
4 KB 15ms
15ms Document
text/html 142.250.80.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f2.1e100.net

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 71487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 23:09:16 GMT
etag: 5035419970550746386
expires: Wed, 24 Jan 2024 23:09:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxX66zZSWFA5WctjwYJ1F_81lDICPA8oAzQmguhXBndXgIEuc5GVZafWl02mEBBsyYrcScMbWRV549WVOgzpvrH_QdN7LdByvNW5_G4eyKj7AUGE2gFESYCjBfJjEeqJA-MNBooeVQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 54ms
53ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX66zZSWFA5WctjwYJ1F_81lDICPA8oAzQmguhXBndXgIEuc5GVZafWl02mEBBsyYrcScMbWRV549WVOgzpvrH_QdN7LdByvNW5_G4eyKj7AUGE2gFESYCjBfJjEeqJA-MNBooeVQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0OTk5NjQzLDkxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93dHljb29uLm1pbmlnYW1lLnZpcC8iLG51bGwsW1s4LCIwZ05ObWRPM3ZnUSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.0gNNmdO3vgQ.es5.O/am=wA/d=1/rs=AJlcJMz2Me5VRzmgipKAl6Yl4-bTHdpcAQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

db9b917448bfae9e078df0d0e5ecdbd9fa9b436d1ad920ab30426e192ab8b790

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NPBzTSM2VRV0iiQ_oDT-ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:43 GMT
content-security-policy: script-src 'report-sample' 'nonce-NPBzTSM2VRV0iiQ_oDT-ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 42ms
41ms Fetch
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 css2
fonts.googleapis.com/ Frame F52F 4 KB
1 KB 69ms
28ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 19:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 17:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 19:00:43 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame E8EA 9 KB
4 KB 66ms
28ms Script
text/javascript 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 09:06:01 GMT

GET
H2 200 e8b1d04b6e6f4e04515fcd99d0a161d6.js Show response
www.gstatic.com/mysidia/ Frame E8EA 174 KB
64 KB 59ms
22ms Script
text/javascript 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e8b1d04b6e6f4e04515fcd99d0a161d6.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

35079361d6c10065e29e5249e4263807091188fb35d41e25b68df9ca82a09009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64925
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 01:55:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 08:55:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E8EA 11 KB
1 KB 69ms
51ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400%2C500

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 19:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 17:45:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 19:00:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E8EA 2 KB
902 B 64ms
25ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:10:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame E8EA 23 KB
9 KB 52ms
14ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 12:47:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E8EA 3 KB
1 KB 64ms
27ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E8EA 20 KB
8 KB 59ms
21ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 08:51:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8EA 205 KB
65 KB 80ms
36ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:00:44 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame E8EA 37 KB
16 KB 46ms
14ms Script
text/javascript 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 08:47:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame F52F 16 KB
7 KB 50ms
18ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:53:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F52F 205 B
296 B 60ms
34ms Image
image/png 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:58:46 GMT
x-content-type-options: nosniff
age: 122517
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Jan 2025 08:58:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F52F 604 B
920 B 58ms
33ms Image
image/png 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 06:13:40 GMT
x-content-type-options: nosniff
age: 132423
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Jan 2025 06:13:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame F52F 22 KB
9 KB 52ms
23ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:53:31 GMT

GET
H3 200 AGSKWxWBajCdq_qceuXPi4AA7CoWTkb_n3NVvyKt7ctn5B0PE4_3s9zNpJF2x9_qu1Z4ZDdR8pzyp1bS8YYtCHZiXDIBi4FElxat2mug1bKSHRziWFwqBNm4dgtDof3TR-yl4qswqSUyaQ== Show response
fundingchoicesmessages.google.com/f/ 12 KB
5 KB 51ms
50ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBajCdq_qceuXPi4AA7CoWTkb_n3NVvyKt7ctn5B0PE4_3s9zNpJF2x9_qu1Z4ZDdR8pzyp1bS8YYtCHZiXDIBi4FElxat2mug1bKSHRziWFwqBNm4dgtDof3TR-yl4qswqSUyaQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0OTk5NjQzLDk3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3R5Y29vbi5taW5pZ2FtZS52aXAvIixudWxsLFtbOCwiMGdOTm1kTzN2Z1EiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

1ebe1e07567a248cfb945cc990255922da6b568073a5de4724a448caf2160362

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VYOs1a9RVNYt2DU78XdO9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:44 GMT
content-security-policy: script-src 'report-sample' 'nonce-VYOs1a9RVNYt2DU78XdO9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E8EA 0
234 B 1336ms
428ms Ping
image/gif 142.251.42.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lr9krl3g&c=1819746936561&slotId=909873468280.5&qqid=CJWuwtCC1oMDFd8qswAd04oL0w&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e8b1d04b6e6f4e04515fcd99d0a161d6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bom12s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 19:00:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/xO00NwWOxB4/ Frame E8EA 11 KB
11 KB 74ms
15ms Image
image/jpeg 142.251.40.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/xO00NwWOxB4/hq1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f14.1e100.net

Software

sffe /

Resource Hash

d2e9593ad6ed10049138456cbcbe54c5613363894093206e443a9b0083b5b96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:56:50 GMT
x-content-type-options: nosniff
age: 234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10927
x-xss-protection: 0
server: sffe
etag: "1701788323"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 11 Jan 2024 20:56:50 GMT

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-p5qlsny6.googlevideo.com/ Frame E8EA 773 KB
774 KB 84ms
29ms Media
video/mp4 172.217.135.71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-p5qlsny6.googlevideo.com/videoplayback?expire=1705028443&ei=2zqgZeioIq_cxtYP9deC6A0&ip=217.114.38.4&id=c4ed3437058ec41e&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=Qr&mm=31&mn=sn-p5qlsny6&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.104&lmt=1701788269355278&mt=1704999195&cpn=FMhZgog_7snFeeDG&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRAIgHrXZSALcPtVhyYHO61bPhdrhEsJx9VsUQB61SDli0TMCIEsEcSbz_TZjbkXnUjAW4BWAn1C72GQ63sXZEnOelw0d&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRAIgBBDBmzLM-IFTu_PaY1Q-oFjwCOtXCGsIEU2kkBGbhokCIHzaxHaUymf95BcGiGGVY9OpS90Pme3H_Kh3FzXolRf8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.135.71 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

iad23s95-in-f7.1e100.net

Software

gvs 1.0 /

Resource Hash

2ad848a561981ce51ffd7714faccd3c3f6c68c2020aea8664ace385b47c0a909

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 11 Jan 2024 19:00:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Dec 2023 14:57:49 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-791663/791664
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 791664
Expires: Thu, 11 Jan 2024 19:00:44 GMT

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame BE23 50 KB
19 KB 15ms
15ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_nohtml_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 08:52:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6B4A 4 KB
751 B 31ms
29ms Stylesheet
text/css 142.250.176.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&h=280&adk=1290130597&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1704698144&rafmt=1&format=1200x280&url=https%3A%2F%2Fwtycoon.minigame.vip%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704999642777&bpp=2&bdt=135&idt=225&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3881577581502&frm=20&pv=1&ga_vid=2057024283.1704999643&ga_sid=1704999643&ga_hid=1068603364&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C31079438%2C31080263%2C42532599%2C44809005%2C44809531%2C95320868%2C95320888&oid=2&pvsid=3995175955020067&tmod=746563122&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f10.1e100.net

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 19:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 17:09:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 19:00:44 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6B4A 2 KB
856 B 15ms
14ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:10:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:10:45 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 6B4A 23 KB
9 KB 17ms
16ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 12:47:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6B4A 3 KB
1 KB 18ms
17ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 18:10:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6B4A 20 KB
8 KB 15ms
15ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 08:51:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B4A 205 KB
65 KB 1176ms
1175ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:00:45 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 6B4A 37 KB
15 KB 17ms
16ms Script
text/javascript 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:47:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 09 Apr 2024 08:47:38 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16301324581442726697/ Frame 6B4A 42 KB
42 KB 87ms
86ms Image
image/jpeg 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16301324581442726697/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

7862a51993fefe72670f5113b66415c89dba5b0d3cf73aa476ca8dae177c49a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Thu, 11 Jan 2024 19:00:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42932
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 13:57:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Jan 2025 19:00:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3233864280957263260/ Frame 6B4A 3 KB
3 KB 23ms
23ms Image
image/jpeg 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3233864280957263260/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

ae04b9d9ad8bb448c594ff84844d47f5ae4370ffa8b11e966ce2e4d8ada1a2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 16:25:16 GMT
date: Tue, 09 Jan 2024 16:25:16 GMT
x-content-type-options: nosniff
age: 182128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3043
x-xss-protection: 0
last-modified: Sun, 26 Jun 2022 19:53:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6B4A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6db7e9e2c4c2b76c1c5533506e834b3caca3db8443eb62e0c852af35dd66f929

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 40ms
39ms Image
image/gif 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.781607863712514

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-nGZ9IEA5OKGmsEcBSd4h7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-nGZ9IEA5OKGmsEcBSd4h7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 42ms
42ms Image
image/gif 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.1921851665931305

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T8r7plbqPO0K_sQJYSv0ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-T8r7plbqPO0K_sQJYSv0ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 68ms
37ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bwMh_qePjjN_JVg0hehUyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-bwMh_qePjjN_JVg0hehUyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wtycoon.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E8EA 0
54 B 428ms
428ms Ping
image/gif 142.251.42.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lr9krl3p&c=1819746936561&slotId=909873468280.5&qqid=CJWuwtCC1oMDFd8qswAd04oL0w&umsem=0&ple=1&ape=1&met.4=vil.lr9krl8w~vfl.lr9krl9l
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e8b1d04b6e6f4e04515fcd99d0a161d6.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bom12s20-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 19:00:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6B4A 16 KB
16 KB 60ms
14ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 09:33:07 GMT
x-content-type-options: nosniff
age: 120458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 09:33:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6B4A 15 KB
15 KB 65ms
22ms Font
font/woff2 142.250.80.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 04:14:19 GMT
x-content-type-options: nosniff
age: 139586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 04:14:19 GMT

GET
H3 200 floaty_rotator_homadconfig. Show response
fundingchoicesmessages.google.com/f/AGSKWxXxYCChSYb7kq0B9c_alWai-Df2dEFGHt_ETfinR5xddikGuWC91oCQ9hyPTbkpmwwU6x5Bdyr2uySVC-_5JhdtG-mTu9o5h7aA-XhY-tr21Awm0whgx7JwVEzsM0EwXLoW_E3rRYzdKC00R--a2EI928Moy... 54 B
109 B 43ms
42ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXxYCChSYb7kq0B9c_alWai-Df2dEFGHt_ETfinR5xddikGuWC91oCQ9hyPTbkpmwwU6x5Bdyr2uySVC-_5JhdtG-mTu9o5h7aA-XhY-tr21Awm0whgx7JwVEzsM0EwXLoW_E3rRYzdKC00R--a2EI928MoyJAZR7X0MxjdwKy7qTc5tbZ6KZZwdewp/_/apopwin..com/ad2//adboxtable-/floaty_rotator_homadconfig.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.0gNNmdO3vgQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxn2lZ1P4aLLqQehvEmoMdKCwnc9A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

46f8093923f3e2d14e3da1b31f0b9fad6ff9c5343ea874431fc8ecaf13805a4c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Gwl_b7iW0Y92_7qdlTxmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-8Gwl_b7iW0Y92_7qdlTxmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 65 KB
24 KB 15ms
14ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 18:06:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24615
x-xss-protection: 0
server: cafe
etag: 10902498161188913397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 19:06:52 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5svLkfVa_HEYTyhhI-egKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-5svLkfVa_HEYTyhhI-egKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://wtycoon.minigame.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hmYGa_T9I5FjHuO5yQfIcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hmYGa_T9I5FjHuO5yQfIcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://wtycoon.minigame.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6B4A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CYS1-2zqgZZ2-AsSdxtYPvMOYmA2PsLWIdZrGyYfVD5qUm6roDhABIPSV-ooBYMmumY3spIAQoAHQ4rO8AcgBCagDAcgDywSqBNIBT9CHGrGdHcskajAZgxp2htOZtFHqwCp7ODdEpV6VvPN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc17336bf860103930000000000000000%22,%222%22:%220xa7589279ba193630000000000000000%22,%223%22:%220x654aa44...

0
0

80ms
44ms

Fetch
text/css

142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc17336bf860103930000000000000000%22,%222%22:%220xa7589279ba193630000000000000000%22,%223%22:%220x654aa44e0f3a06830000000000000000%22,%224%22:%220xed63273f6a113cab0000000000000000%22,%225%22:%220xaeca84165e2de77b0000000000000000%22},%22debug_key%22:%221168038512619104598%22,%22debug_reporting%22:true,%22destination%22:%22https://yahoo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22395112784%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215797477912597816769%22}&andc=true

Requested by

Host: wtycoon.minigame.vip
URL: https://wtycoon.minigame.vip/

Protocol

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc17336bf860103930000000000000000","2":"0xa7589279ba193630000000000000000","3":"0x654aa44e0f3a06830000000000000000","4":"0xed63273f6a113cab0000000000000000","5":"0xaeca84165e2de77b0000000000000000"},"debug_key":"1168038512619104598","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["395112784"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"15797477912597816769"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 19:00:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 19:00:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc17336bf860103930000000000000000","2":"0xa7589279ba193630000000000000000","3":"0x654aa44e0f3a06830000000000000000","4":"0xed63273f6a113cab0000000000000000","5":"0xaeca84165e2de77b0000000000000000"},"debug_key":"1168038512619104598","debug_reporting":true,"destination":"https://yahoo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["395112784"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"15797477912597816769"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C66D 50 KB
19 KB 15ms
14ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CsDssBYGUYU3wQ4v_Nbag4c_M5htIHGtZ2tYNmCPRTQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

sffe /

Resource Hash

0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122910
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19695
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 08:52:15 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lchjfG299AsOMrH32uvRMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lchjfG299AsOMrH32uvRMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://wtycoon.minigame.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lfb4Ghstm5qGyQObg5-38g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lfb4Ghstm5qGyQObg5-38g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wtycoon.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUbe7oyBmHZkKvodWl1HIUh_hMDt_NgMsby9Yh085hA8XnmCAhlvdoMXrY3Ws67QAYZ1__-N017VUF2vz8ahCI9isVIrs40daXLqTAXQ9c_mGDLz_66gOb9D40xBB3-RPcROXg6Jw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 55ms
52ms Script
application/javascript 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUbe7oyBmHZkKvodWl1HIUh_hMDt_NgMsby9Yh085hA8XnmCAhlvdoMXrY3Ws67QAYZ1__-N017VUF2vz8ahCI9isVIrs40daXLqTAXQ9c_mGDLz_66gOb9D40xBB3-RPcROXg6Jw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0OTk5NjQ1LDc2NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93dHljb29uLm1pbmlnYW1lLnZpcC8iLG51bGwsW1s4LCIwZ05ObWRPM3ZnUSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e78e9221a7d1236e167c5a6a4b43a1e88892aa9a6c35e868cc8e7a7a29bbf675

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w3J_uEJRf1SUdoSmd5rMVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-w3J_uEJRf1SUdoSmd5rMVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 472ms
45ms Preflight
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 19:00:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 AGSKWxWWna-ZsbaMF-7oY56psJ77iSlkGBgiPCeJqBR2segRQpSttY9IwvrhyoJbLG5zGJZZ2Yf5WRB8KzCy8smRA_Qbv-j0jDaLOarW7h2nFaGoP_JedkmTIUCor4nx2d-MSUCEbsVX4Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 37ms
37ms XHR
text/html 142.251.41.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWWna-ZsbaMF-7oY56psJ77iSlkGBgiPCeJqBR2segRQpSttY9IwvrhyoJbLG5zGJZZ2Yf5WRB8KzCy8smRA_Qbv-j0jDaLOarW7h2nFaGoP_JedkmTIUCor4nx2d-MSUCEbsVX4Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XhGW8-SlKKcdBbZxX3yUkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XhGW8-SlKKcdBbZxX3yUkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wtycoon.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXaS6tT6rpylP5GACKxOg0BzdPhB1TWiZty6CQXfdNDi_HSfDxWfpp1tU5HeNBP1pVFHTVvYnn44wVlYmOcAqibMXMJlrrRibbFsLK1OGtDP9RpHLyYE5CkzpzxPyp_FqVG-RQAOw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.41.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ctg2_Rzv0rpJBws_5zn3hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-ctg2_Rzv0rpJBws_5zn3hQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://wtycoon.minigame.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 49ms
48ms XHR
application/json 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

f78c93577549e75b2a9335eb8f48e961ef739864c9bfcab1a347e8fb1e38f40b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12245
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 19:00:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6A4 13 KB
5 KB 21ms
19ms Document
text/html 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wtycoon.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 10537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 16:05:09 GMT
expires: Fri, 10 Jan 2025 16:05:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B8C0 829 B
1 KB 78ms
34ms Document
text/html 142.251.35.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f4.1e100.net

Software

GSE /

Resource Hash

e37477dc03856a91cb2e4c460d2a3d9b8d8f435fa91220ed84ea280a6034c635

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P1ulyqbwlRRdNeWCRY_GwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wtycoon.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-P1ulyqbwlRRdNeWCRY_GwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 19:00:46 GMT
expires: Thu, 11 Jan 2024 19:00:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame B6A4 39 KB
15 KB 15ms
14ms Script
text/javascript 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 16:05:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 16:05:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B8C0 0
0 43ms
43ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=3995175955020067&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B6A4 0
10 B 15ms
15ms Image
text/plain 142.250.81.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UL4lnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.81.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s74-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 19:00:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B4A 42 B
64 B 45ms
45ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnNgJ-CJxVupXZwW-b8rO9829vMZ27ls04Kox0VSNgv7W1O4RuCeBdfQQxcbg5eSGYlLdTLVXte0HFEdqq3FdgmNrESo5RZ80DvLcx_26sNkgDXp-aF-mkTQM4mu088pf8GjGSYI1QQ-Ry9unVeHI5EyVx&sai=AMfl-YR2L2k5od5rdkFr1vbz0T4Hn0g_KQ7jiyxAWzCugDm98VDeJnWNFXkr5Guo0x0XdbZ_GsCRSuJvduyGxFMqP7UkR8Pp6jBdHQvUR-PjzjBHlPTJguVLgVXr_M8FQwcXeocmJJ7m7vMZ4W1aSlCW&sig=Cg0ArKJSzCRg4WM2WeDqEAE&cid=CAQSTgAvHhf_cJdEEn3ojDI3a_5srgPvcMxd2Up6oMfeRrtRFHqjzdcTCK12wfxy7bKm1NL-GJe7be99liyQ3zdpJw_eyTGLBTtL8Y5yKG1BbBgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1290130597&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704999643010&rpt=2734&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 19:00:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=3995175955020067&bg=!v7ylvPPNAAaumcC-jpk7ADQBe5WfOMSAdBJ52QqhkkJ1PUBdUP_x7SxHA7LgJkZycmu0v1Y0zVQvdMx7XPI2wCzRh_0XAgAAAHFSAAAABGgBBwoApl0qTkg6knvP2TxjMeP4gWedm53qUhEcyGAIfdn3lf43WtO2BVrrYPlhbah6CPcV0mr7IWck7AmGhAqHP10qSaUsoTWUGMFTIWMc3bfKv_UD_opTkjO8rJh3NDhmNXi3SS6L5YzaIGK9GVA1AN7sSfV-I-OmnB--xN_3zFBM-1pL9i82l6-iri5xFTguFYEH8nZHcnkIpd2hbjpjEMzBs0J9jr8ghKWZAsFMQB_9BLGJERDXN3IINMNXnJfNJU3YlJ6oXX0HRzKNCR-Bow1-uAtWa7tF_yxm7U7lA24cFyz_D1_1GwIuc4rT1zIm-NbbEBWlSbZNhajmcZuFLvV0dVpNAMvfeTNUYFodASEHfA_ookKcMEjwuonWu5nbjq5I5KAVzLKvH0ciEIXEuLEHJzlkbHLjeEibByJtRBk2eGZdSoIPwdRZ8ZzLXvhL2m2Ck9vadturpYwYAhJWyeb9T7KM6ULEvZ30sKHDIfvc04KF8wnLvYeEQEwv2_kG6x-ryloCgjeLFH7YxGEW39KBSCkIWbkfwlQRDrWj5VnzkKAaJYndcq5_15YLOO1Qs2vEfCLFPEFfUg9-NBHk_dryPv1Jx9tT9X3xNZnyqn3V84YUXEsBK3Kj1Be74ewVqazyBAOa6px7H_ySQFDvzioSfzZjTg0vSkWw5vkUoYqMmFAXBYZFH7YX75wO0JLBzA7F1BPtyxLhg9cWQJxSQB4_ybUVvVxYPtVWl95X1y0T92lhDuLQctVPtU2bQJx3MLoC-T4zOtOW1V6m-tydQNauYEVDiD42Jw3Ha8bUt2n6AUP3auYM2fxdQb_yEOimyrrw-uOUX4eVRmIZ7hBTQpo5jBHYjZKhI_OGCVRPlxaAmvKPJ9hRGOkStgbmLl7LJi--qnMgzYGtWZOTe1WuxnckgetV2ciY0kZWyJVKxrKtj7fR3TlPFx_avKP-awyfk6EX9TAAI9YUHD1QdCRi-zOGwS290w8iATOU5GEv8cybo2XaYMH0-ebMmCkV5d9Y2MuWc0qSgrq-toe3eQbg0fXbTK5AGmkLYN2Ai24JA4NesGaUF9MKc3OawjA1NT4YCI92dG_NFYDqg95-oJfj_577HiDnorADCh0saUfgKs4H4E9yTlHbPX0jGdBhJLpE181NxFYIRQbq6nUJpPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s39-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://wtycoon.minigame.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.minigame.vip/	1970-01-21 02:58:15	Name: __gads Value: ID=32ecffd4a3371bec:T=1704999643:RT=1704999643:S=ALNI_MbaO1QZRb4LdAY5KtQEhxUPwhHwow
.minigame.vip/	1970-01-21 02:58:15	Name: __gpi Value: UID=00000db661be8b7f:T=1704999643:RT=1704999643:S=ALNI_MYpSc1P5wc8NCK5lZifvtRi9QknKA
.doubleclick.net/	1970-01-21 03:12:39	Name: IDE Value: AHWqTUlZVFQnWjG1QeuBU5sn_n8KnrxZa_MzdieEDnCB_YGFAZogYhNWu8LY35Z296M
.minigame.vip/	1970-01-21 02:22:15	Name: FCNEC Value: %5B%5B%22AKsRol-Q2tQ1u7w6j_ym5s_SbIHTQL5liGpeHHDV4NgeDWxh2BLZVK4050GCXY_NIdKDbfEuhqU3q1q8ZV9xepThP8oZ7KGjpf0jFbMmU4s1DrsAxGURnF3HEd9SpfcKorWfDizCT0h6Qku1ih9Pt7YFnyeiHgRt3g%3D%3D%22%5D%5D
.googleadservices.com/	1970-01-20 19:46:15	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i1.ytimg.com
pagead2.googlesyndication.com
res.minigame.vip
rr2---sn-p5qlsny6.googlevideo.com
tpc.googlesyndication.com
wtycoon.minigame.vip
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.18.3.128
142.250.176.202
142.250.80.34
142.250.80.35
142.250.80.98
142.250.80.99
142.250.81.225
142.251.35.164
142.251.40.206
142.251.40.226
142.251.41.14
142.251.42.35
172.217.135.71
08ac4ca46e0d261241581b391d9844b381ddca8185ab62f99eb4402ce269433a
0ac0ecb01606518537c10e2ffcd6da83873f33986d2071ad676b5836608f4534
1a56ac4a646735bb6c4f3c9bdb9fffd3cd442371ffd7d3aea737e94c20eb6e5a
1ebe1e07567a248cfb945cc990255922da6b568073a5de4724a448caf2160362
224581d4b4756eae254d42cc58abdea0bc79c90bc67649afcd0f56884732d2d1
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ad848a561981ce51ffd7714faccd3c3f6c68c2020aea8664ace385b47c0a909
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35079361d6c10065e29e5249e4263807091188fb35d41e25b68df9ca82a09009
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
46f8093923f3e2d14e3da1b31f0b9fad6ff9c5343ea874431fc8ecaf13805a4c
48b8b7a25149872872d7b72c5993c511ba6cd252bbddb26e399701e493764c26
4bc803e447f49e61597a4c90d248dcb7098817333def46729b401a1d5df4e741
4d30d9a500c3b6166184038d730883c4f8111383bdc3e03a24e7100d3d98dc0c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
52a0dcd4144af6b27373a4f6362d4678656b6e161655f3f7d22113cfb40a8898
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b08f14d72bb1f3f67321e043dcfc3a245d31e72f5cc68b0b831c91f9532afa
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f474329659302bd1c84413b3df3c1116c0543de959f2bdd0df76d9c3afdc10a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6db7e9e2c4c2b76c1c5533506e834b3caca3db8443eb62e0c852af35dd66f929
729b0a5590c68a75b733455a25e8697e254e0b7abba576b666d8ff2e07c55ad3
7862a51993fefe72670f5113b66415c89dba5b0d3cf73aa476ca8dae177c49a3
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7f71cebc981ec97d2bc89d4d725296789babdf7ca04799ce05f969ffbbb231c0
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
99970406c12b6fa22843306b60cda77a0fbcd82d9e8cd98dc616e49d5ac51cff
ae04b9d9ad8bb448c594ff84844d47f5ae4370ffa8b11e966ce2e4d8ada1a2ab
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bead379f69d00767e601c46e96f45ec7b97ca4fd79a5d6c3cf21945616cc28e9
d2e9593ad6ed10049138456cbcbe54c5613363894093206e443a9b0083b5b96b
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
db9b917448bfae9e078df0d0e5ecdbd9fa9b436d1ad920ab30426e192ab8b790
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e1312cb887be0ca55c2c1b2c10c99b520ab188d2622ec59bb27400bd2ce63b98
e37477dc03856a91cb2e4c460d2a3d9b8d8f435fa91220ed84ea280a6034c635
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5688319ea093a91c367a5f64f22b2012affd2a2bf80a8e31a6f4e02c67fb1ce
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e78e9221a7d1236e167c5a6a4b43a1e88892aa9a6c35e868cc8e7a7a29bbf675
e7d4f2087bafa41335f248a267683d382489057856bb3c66465be2220964d749
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2290d67ad6c11a5805d9e07b1bb7acfd033e5634bbb8f2c908465a9ca1f329c
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f78c93577549e75b2a9335eb8f48e961ef739864c9bfcab1a347e8fb1e38f40b
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

wtycoon.minigame.vip Open in urlscan Pro 104.18.3.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

0 %IPv6

10 Domains

15 Subdomains

14 IPs

2 Countries

2079 kBTransfer

3834 kBSize

5 Cookies

4 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wtycoon.minigame.vip Open in urlscan Pro
104.18.3.128 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

14
IPs

2
Countries

2079 kB
Transfer

3834 kB
Size

5
Cookies

76 HTTP transactions
1 data transactions