skins.fangames.ro Open in urlscan Pro
2606:4700:3037::6815:14d8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://skins.fangames.ro/
Submission: On March 24 via api (March 24th 2024, 4:12:31 pm UTC) from US — Scanned from US

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 10 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3037::6815:14d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is skins.fangames.ro.
TLS certificate: Issued by E1 on January 29th 2024. Valid for: 3 months.

This is the only time skins.fangames.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::6815:14d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	23.46.156.47 23.46.156.47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
2 8	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:808::200a	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
77	14

2 2606:4700:3037::6815:14d8 (United States)

ASN13335 (CLOUDFLARENET, US)

skins.fangames.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.46.156.47 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-47.deploy.static.akamaitechnologies.com

steamcommunity-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:823::2002 (United States) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:808::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	616 KB
13	google.com 1 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 www.google.com — Cisco Umbrella Rank: 5	71 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	180 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	138 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 168
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	4 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	76 KB
2	fangames.ro skins.fangames.ro	2 KB
1	akamaihd.net steamcommunity-a.akamaihd.net — Cisco Umbrella Rank: 8332	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1217	31 KB
77	10

	Domain	Requested by
18	tpc.googlesyndication.com	googleads.g.doubleclick.net skins.fangames.ro pagead2.googlesyndication.com tpc.googlesyndication.com
16	pagead2.googlesyndication.com	skins.fangames.ro pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	www.gstatic.com	googleads.g.doubleclick.net skins.fangames.ro
8	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.googleadservices.com
3	fonts.googleapis.com	googleads.g.doubleclick.net skins.fangames.ro
3	cdn.jsdelivr.net	skins.fangames.ro
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.gstatic.com	fonts.googleapis.com
2	skins.fangames.ro	skins.fangames.ro
1	steamcommunity-a.akamaihd.net	skins.fangames.ro
1	code.jquery.com	skins.fangames.ro
77	13

This site contains no links.

Subject Issuer	Validity	Valid
fangames.ro E1	`2024-01-29` - `2024-04-28`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://skins.fangames.ro/
Frame ID: 2FB0EB49BDADF9F1A537D6D4AB73CE69
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7261427740228233&output=html&h=280&slotname=1356107601&adk=1754089860&adf=3025194257&pi=t.ma~as.1356107601&w=1200&fwrn=4&fwrnh=100&lmt=1711296747&rafmt=1&format=1200x280&url=https%3A%2F%2Fskins.fangames.ro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711296747396&bpp=12&bdt=476&idt=291&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=4660698204769&frm=20&pv=2&ga_vid=2108778487.1711296748&ga_sid=1711296748&ga_hid=658191912&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31082032%2C31082033%2C44798934%2C95325421%2C95320377%2C21065725&oid=2&pvsid=2084105026267905&tmod=1824935881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: B4360AE4EBCF3974ECB01C650AAC60E1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7261427740228233&output=html&adk=1812271804&adf=1573534164&lmt=1711296747&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fskins.fangames.ro%2F&pra=7&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711296747408&bpp=1&bdt=488&idt=353&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4660698204769&frm=20&pv=1&ga_vid=2108778487.1711296748&ga_sid=1711296748&ga_hid=658191912&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31082032%2C31082033%2C44798934%2C95325421%2C95320377%2C21065725&oid=2&pvsid=2084105026267905&tmod=1824935881&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363
Frame ID: 38B364C498BCE381A75932B8BD25EA8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FA86B12AE8279BCCA525ED95E6CAF41F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: 462B256F9AA9B21AEA9547A26A10DA06
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html
Frame ID: 9F837921EEFD35C28D2F765F8FA85F13
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/bc98ee26709eab44c313ae134441fc3c.js?tag=client_fast_engine_2019
Frame ID: 8F522F1D1BB2ED671D65173EBCBF06D4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: DF4E51292B40EF45361731107ADC29C0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 4DFF455483BAA13F424ECCCA618039FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 5F4AD4C92969E53B29A1B0E6A89A58AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0BDE4FE3655AC7F9217D752696559F2F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C1356C4C9E63F5C22E3F9F883FD39CD8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CS2 Simple Weapon Paints

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

97 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

14
IPs

1
Countries

1124 kB
Transfer

3365 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 50

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpwm961AAZtOMNMmD998Pud-g0AK4k9XIduHN2__gEmQQASCPusluYMnujovApIwQoAHwiufxAsgBAagDAcgDwwSqBP0BT9B5_gUxxHj3R3tAsoriw3pEpt621-DVPoXf4Sp78xiEXEaXZJmJsLtmqDYQMDwUS4-kwBIQUJvsbUtvm6zoqrHAwSf1q5zxp7XcBAkrWhylO_FTzPNZKG38YL8uUr3_8aQqKimYgTavcUQvNh41tzgK5aofb29HpJuk6oR723tZrcUzUfV6B1c0zCQmYI0Vbp2Jd8kI3dN78XsnyqwCYVgF1U3CPoy2okRlszBbRiyQ3cJux1PhmahIWTYXGz-hU5QVp0zXXfvmxdK5X3Bre4NqRbb89EMG-53ESoebi9JHwSMv_Gbfz5iYOmQ7YIBr_14L5giwUYmrJ5Icq8AEzNnnkMYDiAWi37SeMJIFBAgEGAGSBQQIBRgEoAZmgAf49JiOAagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEEI74SNIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOlizuYmWpY2FA5oJFGh0dHA6Ly93d3cudGFsdHouY29tgAoByAsB2gwRCgsQ8PiDscTL2sGUARICAQPYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNzI2MTQyNzc0MDIyODIzMxgAshgJEgL9WxhmIgEA&sigh=uKeJH-s2bs8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqLKFqxxlgawUAGChnhfpDXsqjNJnMr4CT7YFb9uxhXwLE4JETtay8O978B-pHWXF02URgoM1-zq9D4EdaFE069iUNUcUq_9Z0OKUYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c8add2d6b125a530000000000000000%22,%222%22:%220x72e2576b0b7efc6f0000000000000000%22,%223%22:%220x7adad65e08f879ef0000000000000000%22,%224%22:%220x2e54ad8d4b9c81740000000000000000%22,%225%22:%220xb2c56288d368be330000000000000000%22},%22debug_key%22:%2210201167314977322053%22,%22debug_reporting%22:true,%22destination%22:%22https://taltz.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22775538032%22],%2222%22:[%22true%22],%224%22:[%2203-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215388856345958368033%22}&andc=true

Request Chain 55

https://googleads.g.doubleclick.net/pagead/adview?ai=C74Pb61AAZqHONMCH998PhfC74A_U1KfGdqjiq5eVEqmy0MuiDhABII-6yW5gye6Oi8CkjBCgAczw0o0qyAEJqQIr0dUL9CGyPqgDAcgDywSqBPwBT9Bvx2fVlhAgSyi-piApgwXKRPT_yzo5TDq9y-fEhStib7eJWpxxeTu8NjjJuwvEenQhIK6XraA7OAh23FszYrfF4dKE-Zc2BsXICMkNHbBH_MtVQymy4i8jgvwjrtZ3LnAS5Eo1zHRrzYRkgOztsikJDl_Yc3kOLUuDlvo8Fwfmsl2Dj0oL-Nri_G0PDhmrjziwn9oTwa7ki12mOrjELe3XjVeEVHIioDB_SR2VbtJBDONwaYaQvxJ0UfYBLaZNDzPp0_d5OnT7VWnAl4NTBiPb_VgTSSoUrQhGYLdwh-eauLE3dPrtK6j60Jc8CG3dmpKFVM2k9EucjZshwASLncOz1ASIBbDKjNBOkgUECAQYAZIFBAgFGASgBi6AB8yoo-0EqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQ3JwD0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WMrZiZaljYUDmgnEAWh0dHBzOi8vdXMuYWxkaXNjb3Zlci5jb20vZHNyP3E9YmVzdCUyMGhlYXRpbmclMjBhbmQlMjBhaXIlMjBjb25kaXRpb25pbmclMjBzZXJ2aWNlJTIwbmVhciUyMG1lJmFzaWQ9YWRfY2gyNzImZGU9YyZyYWM9YmVzdCUyMGhlYXRpbmclMjBhbmQlMjBhaXIlMjBjb25kaXRpb25pbmclMjBzZXJ2aWNlJTIwbmVhciUyMG1lJnNjbGlkPTAtMjQzMzSACgHICwHaDBAKChDA8dHWgJjnxlMSAgED2BMM0BUBgBcBshccChoIABIUcHViLTcyNjE0Mjc3NDAyMjgyMzMYALIYCRICslEYLiIBAA&sigh=KWvohr0dysA&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtq4ZpHhms17Rl4WyxXReFZXYRRvGpuRBq7bWDYmngugNxx4y1W_MpktuJekt7i_nXiVcOKtWa7rFkpeedqcngAbr-ZtLKjV26LdhgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a5bf599987506830000000000000000%22,%222%22:%220xe834f882f01993450000000000000000%22,%223%22:%220x26566fbc54f435c00000000000000000%22,%224%22:%220x24c886e72f09bbd90000000000000000%22,%225%22:%220xdebb647f0cece5d60000000000000000%22},%22debug_key%22:%2214573990857821499080%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302910028%22],%2222%22:[%22true%22],%224%22:[%2203-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224475941519854601569%22}&andc=true

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
skins.fangames.ro/ 2 KB
1 KB 752ms
339ms Document
text/html 2606:4700:3037::6815:14d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.fangames.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 500ec597440c23967fdce49a1b1a2273eee768855d2b80ea5f62a483fb682660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8697f15a280f4bc7-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 16:12:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQLii5S0tJobrMy3FfTy6uAOPVz%2FvY1hFUTgPRmUNP86vWD%2BpzKQTjCkDPE%2BpSuOtO7FA%2BQ4W0o1uPb1ws%2BzzIRM197h%2FsswVvZXe0SrqOECo3Edq8zJW2t2Vnj9OyYwLi81ojCwcZbaOqs5HT7MBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 227 KB
35 KB 89ms
26ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://skins.fangames.ro/
Origin: https://skins.fangames.ro
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Mar 2024 16:12:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2417875
x-jsd-version: 5.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34902
x-served-by: cache-fra-etou8220083-FRA, cache-nyc-kteb1890095-NYC
x-jsd-version-type: version
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 79 KB
25 KB 86ms
26ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://skins.fangames.ro/
Origin: https://skins.fangames.ro
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Mar 2024 16:12:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1506836
x-jsd-version: 5.3.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25109
x-served-by: cache-fra-etou8220085-FRA, cache-nyc-kteb1890095-NYC
x-jsd-version-type: version
etag: W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.6.4.min.js Show response
code.jquery.com/ 88 KB
31 KB 134ms
27ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.4.min.js
Requested by: Host: skins.fangames.ro
URL: https://skins.fangames.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 16494548
x-cache: HIT, HIT
content-length: 31011
x-served-by: cache-lga21953-LGA, cache-nyc-kteb1890045-NYC
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1711296747.046169,VS0,VE0
etag: W/"28feccc0-15ec3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 140, 22756

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 86ms
27ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 24 Mar 2024 16:12:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28302553
x-jsd-version: 4.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16235
x-served-by: cache-fra-eddf8230032-FRA, cache-lga21977-LGA
x-jsd-version-type: version
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
skins.fangames.ro/ 219 B
542 B 316ms
315ms Stylesheet
text/css 2606:4700:3037::6815:14d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://skins.fangames.ro/style.css
Requested by: Host: skins.fangames.ro
URL: https://skins.fangames.ro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:14d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4af6f8b8587bcbcc70cde1cf0d4a56254ccc8e851178ce6e6af55f75fda3054

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Feb 2024 05:37:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWcLpo0wLSz4tF%2BQS2hMyVUkSoWkIxydVpV1p4aMQlT99XQ3xkbCKZDq%2Bh1baZYBZKnvnO%2BKg8utKpkv0XsUHYxTEeyk3H6aZ0Xe9DYrgXlMZtlYgGZ15MiaAsFvASmMdnPbhCNOtu9mgaBM2kHy8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 8697f15c59294bc7-BUF
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Mar 2024 16:12:24 GMT

GET
H/1.1 200
OK sits_01.png
steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/ 6 KB
7 KB 167ms
36ms Image
image/png 23.46.156.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcommunity-a.akamaihd.net/public/images/signinthroughsteam/sits_01.png
Requested by: Host: skins.fangames.ro
URL: https://skins.fangames.ro/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.156.47 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-46-156-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bbd5d8ac0c737fccca946009a5eb7cb33605fca2bb5c259807a117f9f2cb193f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sun, 24 Mar 2024 16:12:27 GMT
Last-Modified: Fri, 05 Jan 2018 01:34:50 GMT
Server: nginx
ETag: "5a4ed63a-19c3"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6595

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 186ms
104ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466294addc0daa3ca48ae1100d92dba791d13dc1c03c269ded91ad7a3af5b63a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51102
x-xss-protection: 0
server: cafe
etag: 12025397778426525831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 24 Mar 2024 16:12:27 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 407 KB
138 KB 122ms
121ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12f97619084f4bcc7397a49ee2ac3db527b5b0cd50a217b38871be0dbcb3b6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141396
x-xss-protection: 0
server: cafe
etag: 12295422306578701900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 16:12:27 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B436 136 KB
44 KB 597ms
519ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7261427740228233&output=html&h=280&slotname=1356107601&adk=1754089860&adf=3025194257&pi=t.ma~as.1356107601&w=1200&fwrn=4&fwrnh=100&lmt=1711296747&rafmt=1&format=1200x280&url=https%3A%2F%2Fskins.fangames.ro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711296747396&bpp=12&bdt=476&idt=291&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=4660698204769&frm=20&pv=2&ga_vid=2108778487.1711296748&ga_sid=1711296748&ga_hid=658191912&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31082032%2C31082033%2C44798934%2C95325421%2C95320377%2C21065725&oid=2&pvsid=2084105026267905&tmod=1824935881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a51438101c7356ef03190cf5da3d3e49f17d8336807b834dc3d5f249e273ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44562
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Mar 2024 16:12:28 GMT
expires: Sun, 24 Mar 2024 16:12:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38B3 378 KB
86 KB 784ms
765ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7261427740228233&output=html&adk=1812271804&adf=1573534164&lmt=1711296747&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fskins.fangames.ro%2F&pra=7&wgl=1&easpi=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711296747408&bpp=1&bdt=488&idt=353&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4660698204769&frm=20&pv=1&ga_vid=2108778487.1711296748&ga_sid=1711296748&ga_hid=658191912&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31082032%2C31082033%2C44798934%2C95325421%2C95320377%2C21065725&oid=2&pvsid=2084105026267905&tmod=1824935881&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=363

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31641b8143c10b2aa32ef71e41732e356efc107e8eb32b187503819a0cdcd7c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 87632
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Mar 2024 16:12:28 GMT
expires: Sun, 24 Mar 2024 16:12:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame B436 9 KB
4 KB 134ms
36ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7261427740228233&output=html&h=280&slotname=1356107601&adk=1754089860&adf=3025194257&pi=t.ma~as.1356107601&w=1200&fwrn=4&fwrnh=100&lmt=1711296747&rafmt=1&format=1200x280&url=https%3A%2F%2Fskins.fangames.ro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711296747396&bpp=12&bdt=476&idt=291&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=4660698204769&frm=20&pv=2&ga_vid=2108778487.1711296748&ga_sid=1711296748&ga_hid=658191912&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31082032%2C31082033%2C44798934%2C95325421%2C95320377%2C21065725&oid=2&pvsid=2084105026267905&tmod=1824935881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 08:06:29 GMT

GET
H2 200 534b6244760e225e5632b0e97be0eee4.js Show response
www.gstatic.com/mysidia/ Frame B436 11 KB
5 KB 134ms
37ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/534b6244760e225e5632b0e97be0eee4.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93bad8226232bc778eddb09b8fd7147d6dc6011a8d9d9a399ffb42287fe5671b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4570
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:55:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B436 14 KB
2 KB 147ms
50ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Mar 2024 16:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 14:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Mar 2024 16:12:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame B436 2 KB
875 B 31ms
30ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame B436 23 KB
9 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame B436 3 KB
1 KB 31ms
29ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame B436 20 KB
9 KB 127ms
30ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403110101/ Frame B436 207 KB
63 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403110101/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 20:51:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 23 Mar 2025 20:51:54 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame B436 36 KB
15 KB 32ms
30ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:56:51 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 167 KB
56 KB 109ms
109ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1afd73c344439fa1bd92896f7a6da5287e8bc436f2e78d0ae18eb27114a1e52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57624
x-xss-protection: 0
server: cafe
etag: 16236201071493766785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 16:12:28 GMT

GET
H2 200 ca-pub-7261427740228233 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 156ms
72ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7261427740228233?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d8efeaf27be598282bf77f449dd8ff146375aed12bd7089b9f074edd1dd4647

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mzq2e0kQrFi7yHdbzflqPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-mzq2e0kQrFi7yHdbzflqPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8WZh4wY2gRtbTv9iAgDfGzG1"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA86 143 B
228 B 35ms
31ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7261427740228233&output=html&h=280&slotname=1356107601&adk=1754089860&adf=3025194257&pi=t.ma~as.1356107601&w=1200&fwrn=4&fwrnh=100&lmt=1711296747&rafmt=1&format=1200x280&url=https%3A%2F%2Fskins.fangames.ro%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1711296747396&bpp=12&bdt=476&idt=291&shv=r20240320&mjsv=m202403190101&ptt=9&saldr=aa&abxe=1&correlator=4660698204769&frm=20&pv=2&ga_vid=2108778487.1711296748&ga_sid=1711296748&ga_hid=658191912&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31082032%2C31082033%2C44798934%2C95325421%2C95320377%2C21065725&oid=2&pvsid=2084105026267905&tmod=1824935881&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=313
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Mar 2024 15:27:00 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B436 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b42ca4dc1753e9e627a6bb64828bd04f5e6aad6f3f55350245322bb9fac72c7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B436 33 KB
34 KB 458ms
34ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:51:37 GMT
x-content-type-options: nosniff
age: 372052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:51:37 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame 462B 9 KB
4 KB 42ms
30ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 76141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 19:03:28 GMT
etag: 5035419970550746386
expires: Sat, 06 Apr 2024 19:03:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/ Frame 9F83 9 KB
4 KB 41ms
31ms Document
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 76141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Mar 2024 19:03:28 GMT
etag: 5035419970550746386
expires: Sat, 06 Apr 2024 19:03:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUJZzf303XvlzMqMSUsRZu46gN1HiTjMpM4ai591sMTmYxavSC5v6xYEY2s8tpIbeoTFBFDn3fRkmVArP49vXLCeD1w3J-K_ZMlm9Txxu3EFtTk6YvcaQF_masn3o9GwhTb2C7WSw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 85ms
84ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUJZzf303XvlzMqMSUsRZu46gN1HiTjMpM4ai591sMTmYxavSC5v6xYEY2s8tpIbeoTFBFDn3fRkmVArP49vXLCeD1w3J-K_ZMlm9Txxu3EFtTk6YvcaQF_masn3o9GwhTb2C7WSw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjk2NzQ5LDExMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3NraW5zLmZhbmdhbWVzLnJvLyIsbnVsbCxbWzgsIkJYWHdLTUFDb2ZnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMzP9RpEEDBSQfOOXNx4pQVwBx7XLQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f211aba183e5669d958b206f4ac23d40aa539805ae2db13d5a4157783c25e90e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dTrl6FH8yj3LgcX6_9sYHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-dTrl6FH8yj3LgcX6_9sYHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTN8XZh4wY2gRkT5skCAKz2MEo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
50ms

Document
text/html

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Mar 2024 16:12:29 GMT
expires: Sun, 24 Mar 2024 16:12:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Mar 2024 16:12:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxVfewAgYPpyPYbDI6leExUGbsZOxU7We2nqUdqW30EWy-SwGB8ukqsFgqMTNsTLVARrYq7WKpWjopWw2-UHj9ucG8f4xx2sUoTNyOnKeyAK9R1S5OQ6bavgqrDi3yAn9pYOusc_Pg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 131ms
130ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVfewAgYPpyPYbDI6leExUGbsZOxU7We2nqUdqW30EWy-SwGB8ukqsFgqMTNsTLVARrYq7WKpWjopWw2-UHj9ucG8f4xx2sUoTNyOnKeyAK9R1S5OQ6bavgqrDi3yAn9pYOusc_Pg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjk2NzQ5LDM0ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vc2tpbnMuZmFuZ2FtZXMucm8vIixudWxsLFtbOCwiQlhYd0tNQUNvZmciXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94952afadca8a3d87e4018f100c4901e7daedb7e086874b14e5150c81349f946

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pVOpTYJXBbegOvbLNDeneA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-pVOpTYJXBbegOvbLNDeneA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8XZh4wY2gYaHM28yAgDdSTE3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bc98ee26709eab44c313ae134441fc3c.js Show response
www.gstatic.com/mysidia/ Frame 8F52 9 KB
4 KB 32ms
31ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bc98ee26709eab44c313ae134441fc3c.js?tag=client_fast_engine_2019

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa20072a85763be20a469b3ff503e9f49a88f58f8c4627af5c3b61ced34f61ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:07:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4090
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 20:51:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 21:07:21 GMT

GET
H3 200 f8ec8755006148f1116613f6a31a6022.js Show response
www.gstatic.com/mysidia/ Frame 8F52 146 KB
54 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8ec8755006148f1116613f6a31a6022.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6080716a35f54dbecaa3f87a37ae77e4c690f36355c68397ef5936d3c15506b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:33:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54974
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 20:51:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 22:33:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8F52 21 KB
1 KB 53ms
50ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

419c315057ded80663e34d54c0d0d116fa9fedafdd9210176496815e24bb9f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Mar 2024 16:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 14:41:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Mar 2024 16:12:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 8F52 2 KB
822 B 34ms
32ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 8F52 23 KB
9 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 8F52 3 KB
1 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 8F52 20 KB
8 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8F52 206 KB
62 KB 35ms
34ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 15:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 16:26:38 GMT

GET
H3 200 6cb69919cbc522bfc1e6ced177eee5f6.js Show response
www.gstatic.com/mysidia/ Frame 8F52 36 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6cb69919cbc522bfc1e6ced177eee5f6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd3d0de974ed0967bf98e6fa7dad0f2cbdb56e1e9c92678ca26d00f6dcafc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15248
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 20:51:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 21:01:20 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 462B 15 KB
6 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:22:25 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 462B 205 B
229 B 71ms
70ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:01:03 GMT
x-content-type-options: nosniff
age: 371486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 09:01:03 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 462B 604 B
628 B 71ms
70ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 05:13:37 GMT
x-content-type-options: nosniff
age: 385132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 05:13:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 462B 22 KB
9 KB 33ms
33ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:22:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9F83 14 KB
1 KB 52ms
52ms Stylesheet
text/css 2607:f8b0:4006:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 24 Mar 2024 16:12:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Mar 2024 14:39:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Mar 2024 16:12:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 9F83 2 KB
822 B 31ms
31ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 9F83 23 KB
9 KB 30ms
30ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 9F83 3 KB
1 KB 42ms
41ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 9F83 20 KB
8 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 23 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Apr 2024 22:21:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9F83 206 KB
62 KB 31ms
31ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 15:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Mar 2024 16:26:38 GMT

GET
H3 200 6cb69919cbc522bfc1e6ced177eee5f6.js Show response
www.gstatic.com/mysidia/ Frame 9F83 36 KB
15 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6cb69919cbc522bfc1e6ced177eee5f6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd3d0de974ed0967bf98e6fa7dad0f2cbdb56e1e9c92678ca26d00f6dcafc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 21:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15248
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 20:51:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jun 2024 21:01:20 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6884394770610421391/ Frame 9F83 12 KB
12 KB 37ms
36ms Image
image/jpeg 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6884394770610421391/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde5efb6e173ab8cf2695ed03576a45eddf1ab95b18f0dd287d0eaa839c3b69f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 20 Mar 2025 08:06:31 GMT
date: Wed, 20 Mar 2024 08:06:31 GMT
x-content-type-options: nosniff
age: 374758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12041
x-xss-protection: 0
last-modified: Fri, 15 Mar 2024 18:51:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B436
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpwm961AAZtOMNMmD998Pud-g0AK4k9XIduHN2__gEmQQASCPusluYMnujovApIwQoAHwiufxAsgBAagDAcgDwwSqBP0BT9B5_gUxxHj3R3tAsoriw3pEpt621-DVPoXf4Sp78xiEXEaXZJm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c8add2d6b125a530000000000000000%22,%222%22:%220x72e2576b0b7efc6f0000000000000000%22,%223%22:%220x7adad6...

0
0

144ms
87ms

Fetch
text/css

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6c8add2d6b125a530000000000000000%22,%222%22:%220x72e2576b0b7efc6f0000000000000000%22,%223%22:%220x7adad65e08f879ef0000000000000000%22,%224%22:%220x2e54ad8d4b9c81740000000000000000%22,%225%22:%220xb2c56288d368be330000000000000000%22},%22debug_key%22:%2210201167314977322053%22,%22debug_reporting%22:true,%22destination%22:%22https://taltz.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22775538032%22],%2222%22:[%22true%22],%224%22:[%2203-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215388856345958368033%22}&andc=true

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6c8add2d6b125a530000000000000000","2":"0x72e2576b0b7efc6f0000000000000000","3":"0x7adad65e08f879ef0000000000000000","4":"0x2e54ad8d4b9c81740000000000000000","5":"0xb2c56288d368be330000000000000000"},"debug_key":"10201167314977322053","debug_reporting":true,"destination":"https://taltz.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["775538032"],"22":["true"],"4":["03-24"],"6":["true"]},"priority":"500","source_event_id":"15388856345958368033"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Mar 2024 16:12:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Mar 2024 16:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6c8add2d6b125a530000000000000000","2":"0x72e2576b0b7efc6f0000000000000000","3":"0x7adad65e08f879ef0000000000000000","4":"0x2e54ad8d4b9c81740000000000000000","5":"0xb2c56288d368be330000000000000000"},"debug_key":"10201167314977322053","debug_reporting":true,"destination":"https://taltz.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["775538032"],"22":["true"],"4":["03-24"],"6":["true"]},"priority":"500","source_event_id":"15388856345958368033"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9F83 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba63f9831767b294d1881008cb2071c4c865ba5767c9479f909b63dcb864f2d1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame DF4E 52 KB
20 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9F83 33 KB
33 KB 35ms
34ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:51:37 GMT
x-content-type-options: nosniff
age: 372052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 08:51:37 GMT

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DFF 52 KB
20 KB 33ms
33ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240320/r20110914/zrt_lookup_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9F83
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C74Pb61AAZqHONMCH998PhfC74A_U1KfGdqjiq5eVEqmy0MuiDhABII-6yW5gye6Oi8CkjBCgAczw0o0qyAEJqQIr0dUL9CGyPqgDAcgDywSqBPwBT9Bvx2fVlhAgSyi-piApgwXKRPT_yzo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a5bf599987506830000000000000000%22,%222%22:%220xe834f882f01993450000000000000000%22,%223%22:%220x26566f...

0
0

91ms
88ms

Fetch
text/css

142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7a5bf599987506830000000000000000%22,%222%22:%220xe834f882f01993450000000000000000%22,%223%22:%220x26566fbc54f435c00000000000000000%22,%224%22:%220x24c886e72f09bbd90000000000000000%22,%225%22:%220xdebb647f0cece5d60000000000000000%22},%22debug_key%22:%2214573990857821499080%22,%22debug_reporting%22:true,%22destination%22:%22https://aldiscover.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211302910028%22],%2222%22:[%22true%22],%224%22:[%2203-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224475941519854601569%22}&andc=true

Protocol

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7a5bf599987506830000000000000000","2":"0xe834f882f01993450000000000000000","3":"0x26566fbc54f435c00000000000000000","4":"0x24c886e72f09bbd90000000000000000","5":"0xdebb647f0cece5d60000000000000000"},"debug_key":"14573990857821499080","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302910028"],"22":["true"],"4":["03-24"],"6":["true"]},"priority":"500","source_event_id":"4475941519854601569"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Mar 2024 16:12:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 24 Mar 2024 16:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7a5bf599987506830000000000000000","2":"0xe834f882f01993450000000000000000","3":"0x26566fbc54f435c00000000000000000","4":"0x24c886e72f09bbd90000000000000000","5":"0xdebb647f0cece5d60000000000000000"},"debug_key":"14573990857821499080","debug_reporting":true,"destination":"https://aldiscover.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11302910028"],"22":["true"],"4":["03-24"],"6":["true"]},"priority":"500","source_event_id":"4475941519854601569"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 178ms
116ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240320&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b52ef55807e7aea5aedc1a9edde60c2889b88c9e62f515390357444227a1f40e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12458
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F4A 52 KB
20 KB 33ms
32ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Host: skins.fangames.ro
URL: https://skins.fangames.ro/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:48:20 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 154ms
86ms Preflight
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 16:12:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 87ms
87ms Preflight
text/html 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Mar 2024 16:12:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
53ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 16:12:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0BDE 13 KB
5 KB 34ms
30ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 315873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 00:27:57 GMT
expires: Fri, 21 Mar 2025 00:27:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C135 829 B
998 B 56ms
52ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3bd77c9f15fd2852804debf01edeaef15f889690f2b05efb6f519761c2557568

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a2uzvOryGxjv8f4y4PuGIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://skins.fangames.ro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-a2uzvOryGxjv8f4y4PuGIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Mar 2024 16:12:30 GMT
expires: Sun, 24 Mar 2024 16:12:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 0BDE 40 KB
16 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 375392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 07:55:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C135 0
0 92ms
91ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240320&jk=2084105026267905&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0BDE 0
10 B 30ms
30ms Image
text/plain 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KLng_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads_ Show response
fundingchoicesmessages.google.com/f/AGSKWxX-1vaQ_DafypJjV-quzPL7i7tHX4JpO_qZRg2zFMV6sLPzjQMWCtbgjf76yyvY4EIdh1Ui9CqBfTuNaznTEproPF3VKBP0svLSaFnAazr3qGDH0DIVYO35CeSXs5WaTWdSJwgbu0SM90Q3YJKcsvHnsdp6P... 54 B
110 B 58ms
57ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX-1vaQ_DafypJjV-quzPL7i7tHX4JpO_qZRg2zFMV6sLPzjQMWCtbgjf76yyvY4EIdh1Ui9CqBfTuNaznTEproPF3VKBP0svLSaFnAazr3qGDH0DIVYO35CeSXs5WaTWdSJwgbu0SM90Q3YJKcsvHnsdp6PJiKgapasBqQ6Um5TIlwL7OHS7QuqzlS/_unblocktheship.org/spotxchangevpaid./adv_468_&simple_ad_.net/ads_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BXXwKMACofg.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzZPe1UaDnwu0d_A-UqaRkwkvIh8A/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

133290f43bab594bf69015e435c15c88a78fbc2aab5b3f970e6d06ebbb7f6582

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c8fB8Bm0vBhn9YRDEhxzPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-c8fB8Bm0vBhn9YRDEhxzPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw0pBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw_FuYeMGNoELN44tZgQAM1w2jg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 33ms
33ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 04:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Apr 2024 04:44:24 GMT

POST
H3 204 AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 120ms
57ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hgsVg8lHzs_FSEWLIzB0mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-hgsVg8lHzs_FSEWLIzB0mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1hDgFiIh-PdwsYNbAINf24cZAQAxZgMdw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skins.fangames.ro
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 84ms
55ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TI0SFHE9AWQ3JC3Nezv92g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-TI0SFHE9AWQ3JC3Nezv92g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0pBiqGV4xtQKxE7pM1hDgFiIh-PdwsYNbAIX1v06wAgAyHQMqg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skins.fangames.ro
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 61ms
57ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XYiVNeqFYg-10hTc1PCEjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-XYiVNeqFYg-10hTc1PCEjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-PdwsYNbAIzWlYdZAQAxLYL8Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://skins.fangames.ro
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 69ms
65ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pxv-wHGVhiOU2lO3gSmeRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-pxv-wHGVhiOU2lO3gSmeRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1pBiqGV4xtQKxE7pM1hDgFiIh-PdwsYNbAIPzrQcZgQAxvIMXg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://skins.fangames.ro
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXDOUivH6_AN1m-NaSWCiSKdcAckh7aVcwZcmH_ii6rH7bYrp5neoduaiqLM1aGpnWeDkZKQSC8JJsO_HKPao0RfXE5qFbOLg3jZjIrmbzlOtCk0IIg9o8zk0d9vU6Qwq0EKg2AFA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 66ms
66ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXDOUivH6_AN1m-NaSWCiSKdcAckh7aVcwZcmH_ii6rH7bYrp5neoduaiqLM1aGpnWeDkZKQSC8JJsO_HKPao0RfXE5qFbOLg3jZjIrmbzlOtCk0IIg9o8zk0d9vU6Qwq0EKg2AFA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMjk2NzUwLDM3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9za2lucy5mYW5nYW1lcy5yby8iLG51bGwsW1s4LCJCWFh3S01BQ29mZyJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

791d3369941da98b38fefb19e1d45f8624aab13067114ac403da4c8a0345bcc7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uwX5Jw6jaG1K0naeCaATaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-uwX5Jw6jaG1K0naeCaATaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTD8W5h4wY2gRm77x9lBADkjDFr"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUmaartmd6J36IdEF9qe_jot4twZyI_-grFg5IXXrGnA-PaUph9aU5N4yuTR4y0AnpyZtOBZXOoZ-C-FKmhxVcLm-2UAomONKLAHDafkP26CV6rdbJaaNHuKPTwF9zf2Jh5-JUIsA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
56ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUmaartmd6J36IdEF9qe_jot4twZyI_-grFg5IXXrGnA-PaUph9aU5N4yuTR4y0AnpyZtOBZXOoZ-C-FKmhxVcLm-2UAomONKLAHDafkP26CV6rdbJaaNHuKPTwF9zf2Jh5-JUIsA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Rm70Uj5YjHBHd1ZEzKdAmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Rm70Uj5YjHBHd1ZEzKdAmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1hDgFiIh-PdwsYNbAIn-l48ZAQAxmIMhg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skins.fangames.ro
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
54ms XHR
text/html 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVK2pCB77zUkRd71fGJBGDZ4WInIJOa5fhMiXJS0ppzrukPLZh1LL22rrtRK8hy5pLa2es0t8C-F-6Ux2XiQnVdYaBE4naAhpKbTbSxc2K_BATGxQft7dTjHAI6_dcTIu_U0exloA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-83fArTMGFW4rjjnkUJa2hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://skins.fangames.ro/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 24 Mar 2024 16:12:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-83fArTMGFW4rjjnkUJa2hA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1hDgFiIh-PdwsYNbAIn3p14yAgAxtgMwQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://skins.fangames.ro
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B436 42 B
64 B 92ms
92ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAkUkPkybqN6vz0h8aThCxB_Km3qvXCjD36q0aRTO0nDKDzvTElU5ac0YE2EvR70oLb7sxckoAj_6IavFHilsqO_T751ZIm5rdIn6Pmj7x4QUadeV95Z9hu5IfFLrxFkHc7r1e8PHRXH-1dM0Rf2cR3-cAqxG8hbo&sai=AMfl-YT_eD6-pheqiLOETqeS0OoQUlPkbOPEVX4KgXnPdohNE0aNR46gu9ljiAP1vTsP5BexGrLJCPXZnY_-rOg3WnreGRlekDHPvvQmLc0wWbygw2xWa7kJcmBiICNcS0Y_gEZsOfm9RsqA4vgMGvbw1A&sig=Cg0ArKJSzJdBtEeQ5ZPCEAE&cid=CAQSTwB7FLtqLKFqxxlgawUAGChnhfpDXsqjNJnMr4CT7YFb9uxhXwLE4JETtay8O978B-pHWXF02URgoM1-zq9D4EdaFE069iUNUcUq_9Z0OKUYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240311&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1754089860&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=722954800&rst=1711296747713&rpt=1923&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202403110101/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 16:12:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9F83 42 B
64 B 93ms
93ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHNyyXBZPV93vXuo1OsEPw7R0M91yjUnRGBFaavlLnAVLBHfhfhPyj8faXghvpJI6XtVJizh31c8vbW_PBt-PCnhkG34NSCq1MYAKV3isP6Lt8_tuVLHp2F9HVqDX2xPi3wgernVr1Hn-0NTrwd4fJZ6eeuy4PDDI&sai=AMfl-YRFyWaJUjcydRY3rcfdnmB4UXO1ITfx9Qh-j-wJ2cm3P2hnevzFsvdVcCSmfiW4LWZejc-wz2zfRq6V2GZExJ3TlkjKMqOJ5dj92aJ7Rfaw9ctNBlKVewTH9luLN4APdCg3N3XglxLl_h8BJ5uL&sig=Cg0ArKJSzE1VblH-ZWb5EAE&cid=CAQSTgB7FLtq4ZpHhms17Rl4WyxXReFZXYRRvGpuRBq7bWDYmngugNxx4y1W_MpktuJekt7i_nXiVcOKtWa7rFkpeedqcngAbr-ZtLKjV26LdhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=498,1000,1000,1000,1000&tos=498,502,0,0,0&v=20240320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=722954900&rst=1711296748996&rpt=756&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Mar 2024 16:12:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240320&jk=2084105026267905&bg=!CAulC0TNAAZaswqNerM7ADQBe5WfOEGf_p0y1YQ3P6ZmKtjPhWMvyJ_VshnUC_OUfMeaZ7qLZVt5yENyliAxnyjg85ZQAgAAAGZSAAAAA2gBB34ANUywsGoJFJBjaEVf_P6ZuZvqMA5kGKCit3VaFyU8NPnNKIw4r_HoWUxlQa6vEYdYJ90XSnxTCgArrwzauRsU0Z8meRy75NOnP7_hSjL1vhAzhKdmyWQwqtnEi4eu4xCI4rVZmJkCdYitmMLebFWyE6-HSdXlMv5gtrJJF2tiwovnV0S4hzfyq3zZN7e8mVmTsa6UqF_2DBOvn6BeHrBybMBFS6RGRY-b1iFpQuEFBLGeyYiJJBCIvvBB-Thkfn4yk-jF52DilPiSDWmoX5eHFc7w-jNhtS1bCGq6qFPWPfAH1fmPJyz02cDuLwzp24Xadjb9aBjF2PbDXYsIV-kJrqnZK3ZvBH8XCVvahhUlC3XszMdCd8NCKOEI-ZRiUH4Gaapex0vjoBzrPfvwWH_C7B2AK7nb2vuk4jjthoRBG_A-mMLVG1i37nRcPuRUjLumJyKUkIveXUQGqQWaEYF6of0smIP8tf4hcYqpuX4a-PWTjBueU4pKU-RaybL3fvkozCJZ6ooCOQ9y-69iCThgCP7NLFkCwkcbEp2RbXqZTspiu3043UMg7f9DrJmE5mZI_nDhKpibMt3Lfu0zE4q0WyU2NzQZBZMPdvqGoaIOfB0yTAHxOPfJXzGBIxLl4l_N_OEl1dPbPtyJtz9TSK_Mj6ZrQI942C248a8VPe1GuVHel7legTjF_SFdkz2mR4cJ-Ly7jlM9kNNyHFTShSemalkSw3K5aInwC2UpE63vMpYIhIrbEwizf7RGLTlgCoaFCD8JEKHB79orkQeo7NKSTUNekpIAaKLU6tj88B7xu0-oaxPsnSVES3tjZRsLey-rgt0WctfueQEWciXtt7Qto6RrpbYWUiC7Ud__7BHu55fICGPKL_FfqJAR7lUPkcDhz300ywzeE0I_CS73IymHXWSysMuxXrYFKCft-TA2rtARvG8d3BqAL1qAab41ZrAA5nykS8kFQ8dXNxYY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://skins.fangames.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
skins.fangames.ro/	1969-12-31 23:59:59	Name: PHPSESSID Value: aa44da2ef440299702e88d402573b1d8
.fangames.ro/	1970-01-21 04:43:12	Name: __gads Value: ID=d1f517bdb23155f8:T=1711296747:RT=1711296747:S=ALNI_MZotmUv603gximS-C-iNuRLiw5Gmg
.fangames.ro/	1970-01-21 04:43:12	Name: __gpi Value: UID=00000dacaed59c41:T=1711296747:RT=1711296747:S=ALNI_MZ5diL9SkybpA65tVqO7ruTqKLV_g
.fangames.ro/	1970-01-20 23:40:48	Name: __eoi Value: ID=c1b80de241681144:T=1711296747:RT=1711296747:S=AA-AfjYjg3OsF-5gCYG-nAfhWAzV
.doubleclick.net/	1970-01-20 19:21:40	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:57:36	Name: IDE Value: AHWqTUlcHF-hVLKR-qYyX_giPtXBRcXM--Yp9sEBpMFF9rQMaVD86kqFvBkWqQ21VJg
.googleadservices.com/	1970-01-20 21:31:12	Name: ar_debug Value: 1
.fangames.ro/	1970-01-21 04:07:12	Name: FCNEC Value: %5B%5B%22AKsRol8-AuurvSqWTZcveZfaU3ee_DpnMrTFDrm-qfUGCXvV8lbtfhS5KVsiXtcpjkGu5c-5Sw0g0PASrU5-2HDprYwWkgSBUwSkLK3nGIgz-X4O1eruIm4RAsqcYtVEjynuTCw7ALMabqwlCk3VaVliWj2SKDapIA%3D%3D%22%5D%5D

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://skins.fangames.ro/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
skins.fangames.ro
steamcommunity-a.akamaihd.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.80.66
23.46.156.47
2606:4700:3037::6815:14d8
2607:f8b0:4006:808::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2001
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2003
2607:f8b0:4006:823::2002
2a04:4e42:200::485
2a04:4e42:600::649
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
12f97619084f4bcc7397a49ee2ac3db527b5b0cd50a217b38871be0dbcb3b6e5
133290f43bab594bf69015e435c15c88a78fbc2aab5b3f970e6d06ebbb7f6582
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1afd73c344439fa1bd92896f7a6da5287e8bc436f2e78d0ae18eb27114a1e52c
2a51438101c7356ef03190cf5da3d3e49f17d8336807b834dc3d5f249e273ad5
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
31641b8143c10b2aa32ef71e41732e356efc107e8eb32b187503819a0cdcd7c2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3bd77c9f15fd2852804debf01edeaef15f889690f2b05efb6f519761c2557568
419c315057ded80663e34d54c0d0d116fa9fedafdd9210176496815e24bb9f74
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
466294addc0daa3ca48ae1100d92dba791d13dc1c03c269ded91ad7a3af5b63a
4b42ca4dc1753e9e627a6bb64828bd04f5e6aad6f3f55350245322bb9fac72c7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
500ec597440c23967fdce49a1b1a2273eee768855d2b80ea5f62a483fb682660
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5bd3d0de974ed0967bf98e6fa7dad0f2cbdb56e1e9c92678ca26d00f6dcafc93
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
791d3369941da98b38fefb19e1d45f8624aab13067114ac403da4c8a0345bcc7
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
93bad8226232bc778eddb09b8fd7147d6dc6011a8d9d9a399ffb42287fe5671b
94952afadca8a3d87e4018f100c4901e7daedb7e086874b14e5150c81349f946
9d8efeaf27be598282bf77f449dd8ff146375aed12bd7089b9f074edd1dd4647
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
aa20072a85763be20a469b3ff503e9f49a88f58f8c4627af5c3b61ced34f61ba
b52ef55807e7aea5aedc1a9edde60c2889b88c9e62f515390357444227a1f40e
ba63f9831767b294d1881008cb2071c4c865ba5767c9479f909b63dcb864f2d1
bbd5d8ac0c737fccca946009a5eb7cb33605fca2bb5c259807a117f9f2cb193f
bde5efb6e173ab8cf2695ed03576a45eddf1ab95b18f0dd287d0eaa839c3b69f
c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4af6f8b8587bcbcc70cde1cf0d4a56254ccc8e851178ce6e6af55f75fda3054
e6080716a35f54dbecaa3f87a37ae77e4c690f36355c68397ef5936d3c15506b
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f211aba183e5669d958b206f4ac23d40aa539805ae2db13d5a4157783c25e90e

skins.fangames.ro Open in urlscan Pro 2606:4700:3037::6815:14d8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

97 %HTTPS

85 %IPv6

10 Domains

13 Subdomains

14 IPs

1 Countries

1124 kBTransfer

3365 kBSize

8 Cookies

0 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

skins.fangames.ro Open in urlscan Pro
2606:4700:3037::6815:14d8 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

97 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

14
IPs

1
Countries

1124 kB
Transfer

3365 kB
Size

8
Cookies

77 HTTP transactions
2 data transactions