Submitted URL: https://bet7ks.com/19f06mel?label=1755248_1731445754688_95_0
Effective URL: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Submission: On November 14 via api from US — Scanned from NL

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 172.67.174.38, located in United States and belongs to CLOUDFLARENET, US. The main domain is play.googleplaystories.com.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time play.googleplaystories.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
7 | play.googleplaystories.com | bet7ks.com, play.googleplaystories.com
2 | region1.google-analytics.com | www.googletagmanager.com
2 | bet7ks.com | -
1 | connect.facebook.net | play.googleplaystories.com, connect.facebook.net
1 | www.googletagmanager.com | play.googleplaystories.com
1 | tfoa.cztf.link | bet7ks.com
Total: 19 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
bet7ks.com | WE1 | 2024-11-11 - 2025-02-09 | 3 months
tfoa.cztf.link | R11 | 2024-09-16 - 2024-12-15 | 3 months
googleplaystories.com | WE1 | 2024-09-16 - 2024-12-15 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-23 - 2024-11-21 | 3 months

This page contains 2 frames:

Primary Page: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Frame ID: 10F03FAEB4F1F4BB2CCEFF504412669B
Requests: 13 HTTP requests in this frame

Frame: https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/index.html
Frame ID: C2CB9BFC5A26A015E897996BD8804AB3
Requests: 6 HTTP requests in this frame

Page Title

Fortune Tigers 2024

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 19
HTTPS: 74 %
IPv6: 33 %
Domains: 6
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 225 kB
Size: 668 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bet7ks.com/19f06mel?label=1755248_1731445754688_95_0 Page URL
  2. https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205 Page URL

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
19f06mel
bet7ks.com/
11 KB
4 KB
Document
General
Full URL
https://bet7ks.com/19f06mel?label=1755248_1731445754688_95_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e2734e59e116565-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 13:04:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EV7pZ%2FSDRjD8C7FJ2P9GiUgHApMlZCnaPM7J%2Fth40YAph7FH%2BMhm7SCfAJW3cbfOsiv3bbA%2FckPnDMbRuBnLNoTCjgo4h1BfEY3DMWZZGAGV2OVRc3ztgkb3XyaX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=37090&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4562&delivery_rate=358&cwnd=12000&unsent_bytes=0&cid=04cf31accc9d8118&ts=627&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
other_ad_post_track_click
tfoa.cztf.link/open_api/facebook/post/
52 B
291 B
XHR
General
Full URL
https://tfoa.cztf.link/open_api/facebook/post/other_ad_post_track_click?label=1755248_1731445754688_95_0&ip_address=31.204.152.205&user_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/130.0.0.0%20Safari/537.36&source=H5BRAPK2GG&click_time=1731589459820
Requested by
Host: bet7ks.com
URL: https://bet7ks.com/19f06mel?label=1755248_1731445754688_95_0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.231.231 Columbus, United States, ASN (),
Reverse DNS
ec2-3-22-231-231.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bet7ks.com/

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-origin
*
content-length
52
date
Thu, 14 Nov 2024 13:04:20 GMT
content-type
application/json
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
favicon.ico
bet7ks.com/
11 KB
4 KB
Other
General
Full URL
https://bet7ks.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bet7ks.com/19f06mel?label=1755248_1731445754688_95_0

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVQpBK7NsVtv9LZFDyDSLMF2PZab0R120J%2B1Yw8y7MvWf0RaoaX47GRn4%2BBrL6qNDuzd%2BWflLb%2F7nDj5jhcJt6QmS8VJ8watn1C6TIHonhWWTkSpNPdrFqUS44bp"}],"group":"cf-nel","max_age":604800}
cf-ray
8e2734ec3e8e6565-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31801&sent=20&recv=15&lost=0&retrans=0&sent_bytes=8935&recv_bytes=5059&delivery_rate=258729&cwnd=12000&unsent_bytes=0&cid=04cf31accc9d8118&ts=1694&x=1", cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 13:04:20 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
last-modified
Thu, 14 Nov 2024 13:04:20 GMT
Primary Request fbkpl200-index-7211
play.googleplaystories.com/fi/
17 KB
6 KB
Document
General
Full URL
https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Requested by
Host: bet7ks.com
URL: https://bet7ks.com/19f06mel?label=1755248_1731445754688_95_0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96629d485ccf674943068eebd6569fc182c84d934ae06828f9f1f3a5d2bc3660
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://bet7ks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e2734f228530132-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 14 Nov 2024 13:04:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Drx9LEhCVRLSKNw5dNGZk79Xb4YbenGWAoP8%2B8DYYWnAmmQa39szKKyPHkqZEjT2pbja1RCPTJ6qpIjq1ACZ2Wdatnt62%2BPjhvdpVRjD4CxqFmj9YTo4QjXKp8wqBrG11R%2BIv0vDSe2hYBXtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=54526&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4207&recv_bytes=4602&delivery_rate=333&cwnd=12000&unsent_bytes=0&cid=86125df50709c47a&ts=799&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
fbpixels_pl.js
play.googleplaystories.com/fb/
14 KB
6 KB
Script
General
Full URL
https://play.googleplaystories.com/fb/fbpixels_pl.js
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2caa59aad2fae2bc4b4d1510b6478b955cbed9156a96faeb17e2dfa5071e4ae0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65b74cc5-391b"
age
18514
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kavUzmUoHfUPagWggJRSnXGd6R2YbBQEvNTiWm8m0vXVfg%2B04nW3MFI8Zxyp%2ByblSc3iDr0mMPNVsdgi0ya3bkBOvnjxGjiBlr8usEegxEkUDzcuEgatBPLYzG839dwp%2FFFmVV%2FRpaPTpxfww%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 19:55:47 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=86231&sent=32&recv=17&lost=0&retrans=1&sent_bytes=24237&recv_bytes=5570&delivery_rate=14089&cwnd=12000&unsent_bytes=0&cid=86125df50709c47a&ts=1316&x=1", cfExtPri, cfHdrFlush;dur=18
date
Thu, 14 Nov 2024 13:04:21 GMT
content-type
application/javascript
last-modified
Mon, 29 Jan 2024 06:59:17 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2734f81e810132-AMS
server
cloudflare
img_guide_30.jpg
play.googleplaystories.com/fi/VerticalGame/images/
14 KB
15 KB
Image
General
Full URL
https://play.googleplaystories.com/fi/VerticalGame/images/img_guide_30.jpg
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce2be644928985389d27a81d1de7e3aba6f566e844882507f8aa19d3f967ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205

Response headers

cf-cache-status
HIT
etag
"6564563e-37b8"
age
2115295
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eCmhIB4Q1t0hF86R%2B8Aou35Lz5U1Av2ikHBfn0DP2cN5OZzsuFWGevJLCo0TYB4dgW2snt6QRTDwhz7NrfCt595QrK59VLmWpWZaoMaPpycF%2FvkX6dus1hQpbmJi9cByEtsBKW3Y8PGBJt9TmA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 20 Nov 2024 01:29:26 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=86231&sent=22&recv=17&lost=0&retrans=1&sent_bytes=12237&recv_bytes=5570&delivery_rate=14089&cwnd=12000&unsent_bytes=0&cid=86125df50709c47a&ts=1308&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 13:04:21 GMT
content-type
image/jpeg
last-modified
Mon, 27 Nov 2023 08:41:34 GMT
vary
Accept-Encoding
priority
u=2,i
strict-transport-security
max-age=31536000
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2734f81e820132-AMS
accept-ranges
bytes
content-length
14264
server
cloudflare
js
www.googletagmanager.com/gtag/
322 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9F1D5EEMX8
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
00b2156305ff886340f9996b4989073cf45bf5526b53cce0ebe81ad576f4bf0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 14 Nov 2024 13:04:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 13:04:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109530
x-xss-protection
0
server
Google Tag Manager
index.html
play.googleplaystories.com/fi/VerticalGame/game_tiger_vertical_v5_fixwhile/ Frame C2CB
0
0

index.html
play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/ Frame C2CB
4 KB
2 KB
Document
General
Full URL
https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/index.html
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b49a199372418b74d69e9c8ebe6717eb6464e5bb7b9872937149b2c9a17a09ce

Request headers

Referer
https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e273502193e0132-AMS
content-encoding
zstd
content-type
text/html
date
Thu, 14 Nov 2024 13:04:23 GMT
last-modified
Sat, 20 Apr 2024 02:03:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9EprdjPCfc0jyAnkco6d2lsWtgWIVWgqah4OdJ07H%2FNwIsicBYKuJ3SBwZLzuFTCb4N1YHQaGtrkIQeT8M48Q9i2uldcJ0RigikWEynf5UVu3XOkxV3hhwZAfSZ3wKZF9I3l94LzzsK7UxteA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=35083&sent=71&recv=43&lost=14&retrans=15&sent_bytes=66275&recv_bytes=8402&delivery_rate=560907&cwnd=16800&unsent_bytes=0&cid=86125df50709c47a&ts=3311&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
pageevent
play.googleplaystories.com/log/
0
647 B
XHR
General
Full URL
https://play.googleplaystories.com/log/pageevent
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fb/fbpixels_pl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wYTjhI4iKprCb3cZ93veRCpj1mAtBsjAuuAtdldd6pByfC0wVYdb5qHIdwo2cgcd82Xeenr%2BrydTNFhLzxRtpQegMmcv%2Fl6Omf5yv3eDmHD96VdTVffOs5KEQpJOfgdvAffS0OuGqttNQZYmRg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET,POST,OPTIONS
cf-ray
8e27350219340132-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35083&sent=73&recv=43&lost=14&retrans=15&sent_bytes=68581&recv_bytes=8402&delivery_rate=560907&cwnd=16800&unsent_bytes=0&cid=86125df50709c47a&ts=3378&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 13:04:23 GMT
content-type
text/plain;charset=utf-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fb/fbpixels_pl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-sriAdBNS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 14 Nov 2024 13:04:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-sriAdBNS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=45, rtx=4, c=4, mss=1232, tbw=9653, tp=15, tpl=4, uplat=0, ullat=-1
pragma
public
x-fb-debug
yF9cmM3a+qbUHJDiop99thmjYCWKXdPxrV3mN1ESheM94crq57foUVlHgg6OR76sBedlZFSVQUbOvb4eArpV6A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-fb-optimizer
1
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
fp.min.js
play.googleplaystories.com/fb/js/
33 KB
16 KB
Script
General
Full URL
https://play.googleplaystories.com/fb/js/fp.min.js
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fb/fbpixels_pl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99dc3803d1f19c8103f79f834044b2afd4c8af5b7927efbd36b1052d528b40ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"658ad355-83f4"
age
10273
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oVC%2FpACPa88urbAtSMP15z1LteMEPWDpviMUSClmjPEiYhwfFCFpRLzu69IuMzIGQtp%2Br6CYI%2FuyhMc2ydS4i9H1HMQxBMW3cUjFzBqKA%2FjCx1RwUpgJIKH32DK8jx5AHNenjXv%2B0bWqrGZreg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 22:13:10 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47416&sent=42&recv=32&lost=0&retrans=1&sent_bytes=33678&recv_bytes=7818&delivery_rate=435320&cwnd=24000&unsent_bytes=0&cid=86125df50709c47a&ts=2903&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 13:04:23 GMT
content-type
application/javascript
last-modified
Tue, 26 Dec 2023 13:21:25 GMT
vary
Accept-Encoding
priority
u=3,i=?0
strict-transport-security
max-age=31536000
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e27350219390132-AMS
server
cloudflare
style-mobile.8e878.css
play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/ Frame C2CB
3 KB
2 KB
Stylesheet
General
Full URL
https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/style-mobile.8e878.css
Requested by
Host: play.googleplaystories.com
URL: https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.38 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514f4510b5cafe303cfd5f2c33471d5c0c33893a6a18d51f4e5f0c24035d0480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/index.html

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"662235cf-a05"
age
18514
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0731b6g7Ca%2Bexvtgi%2FG2ggYY%2FmnmJJ7L7s%2FHbFsl7MJf7eRGqT4adE8Zlzrlzd803dMB1XKomUzt1utcH6A8Av%2Bqmxr5f8LHnvXKtXDtE1%2BggqOxPnVztTKlI%2Fr7YGgxFkLFhWtA9S0CbEQjjg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 19:55:49 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=41838&sent=75&recv=48&lost=14&retrans=15&sent_bytes=69275&recv_bytes=9707&delivery_rate=32821&cwnd=16800&unsent_bytes=0&cid=86125df50709c47a&ts=3555&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 14 Nov 2024 13:04:24 GMT
content-type
text/css
last-modified
Fri, 19 Apr 2024 09:13:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e2735061d8b0132-AMS
server
cloudflare
settings.20222.js
play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/src/ Frame C2CB
0
0

main.b4956.js
play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/ Frame C2CB
0
0

657270766514744
connect.facebook.net/signals/config/
0
0

splash.efb3a.png
play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/ Frame C2CB
0
0

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9F1D5EEMX8&gtm=45je4bc0v9176027292za200&_p=1731589463226&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102077855&cid=377743385.1731589464&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731589464&sct=1&seg=0&dl=https%3A%2F%2Fplay.googleplaystories.com%2Ffi%2Ffbkpl200-index-7211%3F%26apkch%3DH5BRAPK2GG%26gt%3Dhalloween%26ip%3D31.204.152.205&dr=https%3A%2F%2Fbet7ks.com%2F&dt=Fortune%20Tigers%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4237
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9F1D5EEMX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://play.googleplaystories.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 13:04:26 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9F1D5EEMX8&gtm=45je4bc0v9176027292za200&_p=1731589463226&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102077855&cid=377743385.1731589464&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1731589464&sct=1&seg=0&dl=https%3A%2F%2Fplay.googleplaystories.com%2Ffi%2Ffbkpl200-index-7211%3F%26apkch%3DH5BRAPK2GG%26gt%3Dhalloween%26ip%3D31.204.152.205&dr=https%3A%2F%2Fbet7ks.com%2F&dt=Fortune%20Tigers%202024&en=scroll&epn.percent_scrolled=90&_et=5&tfd=9308
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9F1D5EEMX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://play.googleplaystories.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://play.googleplaystories.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 13:04:29 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.googleplaystories.com
URL
https://play.googleplaystories.com/fi/VerticalGame/game_tiger_vertical_v5_fixwhile/index.html
Domain
play.googleplaystories.com
URL
https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/src/settings.20222.js
Domain
play.googleplaystories.com
URL
https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/main.b4956.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/657270766514744?v=2.9.176&r=stable&domain=play.googleplaystories.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Domain
play.googleplaystories.com
URL
https://play.googleplaystories.com/fi/VerticalGame/game_halloween_vertical_v3_style_upgrade/splash.efb3a.png

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • number | initTime
  • object | pixels
  • string | paste
  • function | load_pixel
  • function | getCookie
  • string | fbevapi
  • string | evapi
  • boolean | hasGetFingerprint
  • string | fingerprintValue
  • function | checkFbcAndFbp
  • function | initPixels
  • function | init_facebook_pixels
  • function | copyQilinid
  • function | copyText
  • function | requestEvApi
  • function | submitFBEvent
  • function | pageEventSubmit
  • function | pageDownload
  • function | todoownload
  • function | loadFingerPrintJs
  • function | gtag
  • object | dataLayer
  • function | hide
  • function | show
  • function | closeGoogleMask
  • function | clickDownload
  • function | showDrawer
  • function | hideDrawer
  • object | gameframe
  • function | getQueryStr
  • object | GaemType
  • string | pgame
  • object | downloadimg
  • object | query
  • string | pixel
  • string | apkch
  • function | download
  • function | isOKJson
  • function | btnclick
  • function | todoPostPageEvent
  • function | fbq
  • function | _fbq
  • string | download_url
  • object | FingerprintJS
  • object | google_tag_manager
  • object | google_tag_data
  • function | onYouTubeIframeAPIReady
  • object | gaGlobal

2 Cookies

Domain/Path | Name | Value
.googleplaystories.com/ | _ga | GA1.1.377743385.1731589464
.googleplaystories.com/ | _ga_9F1D5EEMX8 | GS1.1.1731589464.1.0.1731589464.0.0.0

1 Console Messages

Source: rendering
Level: warning
URL: https://play.googleplaystories.com/fi/fbkpl200-index-7211?&apkch=H5BRAPK2GG&gt=halloween&ip=31.204.152.205
Message: [GroupMarkerNotSet(crbug.com/242999)!:A070720114360000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.