Submitted URL: http://itinforok.com/
Effective URL: https://www.itinforok.com/
Submission: On April 03 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 country across 6 domains to perform 39 HTTP transactions. The main IP is 2606:4700::6812:1964, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is www.itinforok.com.
TLS certificate: Issued by GTS CA 1P5 on March 21st 2023. Valid for: 3 months.
This is the only time www.itinforok.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
16 | itinforok.com | itinforok.com; www.itinforok.com | 116 KB
9 | get9game.com | play.get9game.com | 277 KB
8 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 111); bda2ccd648030db89ddaa681c6a58fbc.safeframe.googlesyndication.com; tpc.googlesyndication.com (Cisco Umbrella Rank: 145) | 40 KB
4 | doubleclick.net | securepubads.g.doubleclick.net (Cisco Umbrella Rank: 201) | 149 KB
2 | google.com | adservice.google.com (Cisco Umbrella Rank: 90); www.google.com (Cisco Umbrella Rank: 2) | 2 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 374) | 9 KB
Total: 39 requests, 6 apex domains
Requests | Domain | Requested by
14 | www.itinforok.com | www.itinforok.com
9 | play.get9game.com |
4 | pagead2.googlesyndication.com | securepubads.g.doubleclick.net; tpc.googlesyndication.com
4 | securepubads.g.doubleclick.net | www.itinforok.com; securepubads.g.doubleclick.net
3 | tpc.googlesyndication.com | securepubads.g.doubleclick.net; tpc.googlesyndication.com
2 | cdn.jsdelivr.net | www.itinforok.com
2 | itinforok.com | 2 redirects
1 | www.google.com | tpc.googlesyndication.com
1 | bda2ccd648030db89ddaa681c6a58fbc.safeframe.googlesyndication.com | securepubads.g.doubleclick.net
1 | adservice.google.com | securepubads.g.doubleclick.net
Total: 39 requests, 10 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.itinforok.com | GTS CA 1P5 | 2023-03-21 - 2023-06-19 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
*.get9game.com | GTS CA 1P5 | 2023-03-26 - 2023-06-24 | 3 months
*.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
www.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months

This page contains 4 frames:

Primary Page: https://www.itinforok.com/
Frame ID: 44C34C187384F84921AC32DDB620597A
Requests: 33 HTTP requests in this frame

Frame: https://bda2ccd648030db89ddaa681c6a58fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A7435BD11C3F1F123629B53595824CE6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93B5DAD7C32BA9F6DBB9BD36F4D23A84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5784BBF3BCD580AAF69A4F31A8457A91
Requests: 2 HTTP requests in this frame

Page Title

Html5 Games - Free to play!

Page URL History

  1. http://itinforok.com/ HTTP 301
    https://itinforok.com/ HTTP 302
    https://www.itinforok.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 39
HTTPS: 100 %
IPv6: 100 %
Domains: 6
Subdomains: 10
IPs: 8
Countries: 1
Transfer: 592 kB
Size: 1227 kB
Cookies: 3

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.itinforok.com/
Redirect Chain
  • http://itinforok.com/
  • https://itinforok.com/
  • https://www.itinforok.com/
38 KB
6 KB
Document
General
Full URL
https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7838107404e6e362efd250e825e793740dde4285a174b0376cc9074fe4394863

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
7b22503ebbe621e7-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 15:23:33 GMT
expires
Tue, 04 Apr 2023 15:23:33 GMT
last-modified
Mon, 03 Apr 2023 10:45:18 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
EXPIRED
cf-ray
7b22503dfa4d21e7-MIA
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 15:23:33 GMT
expires
Tue, 04 Apr 2023 15:23:33 GMT
location
https://www.itinforok.com
server
cloudflare
vary
Accept-Encoding
public.css
www.itinforok.com/static/themes/gametemp-q7/assets/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/css/public.css
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbafe77fe4ba49d10b50e2d35e37673260f6ef054512edf9ea9013532afa289a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 01 Jun 2022 10:30:44 GMT
server
cloudflare
cf-polished
origSize=4154
etag
W/"62973fd4-103a"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
7b22503f4cc121e7-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
swiper.min.css
www.itinforok.com/static/themes/gametemp-q7/assets/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/css/swiper.min.css
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c207e653a1b44030d371cae76dbc884cfa7d6936525798d06be58b4cf45a9a5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Aug 2020 06:20:52 GMT
server
cloudflare
etag
W/"5f27acc4-4d4d"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
7b22503f4cc421e7-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Apr 2023 15:23:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
8621
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1363
x-served-by
cache-fra-eddf8230078-FRA, cache-pdk17865-PDK
x-jsd-version-type
version
etag
W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
index.css
www.itinforok.com/static/themes/gametemp-q7/assets/css/
3 KB
967 B
Stylesheet
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/css/index.css
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b45289fafe755039a91702e5b778a01706b26fc86e76f67c27104ad7fa1a725

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 12 Nov 2021 08:43:44 GMT
server
cloudflare
cf-polished
origSize=3857
etag
W/"618e2940-f11"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
7b22503f4cc721e7-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
loading.png
www.itinforok.com/static/themes/gametemp-q7/assets/img/
1 KB
1 KB
Image
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/img/loading.png
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c5b437bbb77b2079765d66890409ae170a4c817c65f7434835e07836bac217

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=4568
content-disposition
inline; filename="loading.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1090
cf-bgj
imgq:100,h2pri
last-modified
Fri, 08 Nov 2019 02:31:08 GMT
server
cloudflare
etag
"5dc4d36c-11d8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7b22503f6d0f21e7-MIA
expires
Wed, 03 May 2023 15:23:33 GMT
logo-mini.png
www.itinforok.com/static/themes/gametemp-q7/assets/img/
2 KB
2 KB
Image
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/img/logo-mini.png
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed32928001b662f8b75a5bd243d7d47f302cc1aebad177e4f8864b200e552e2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=5653
content-disposition
inline; filename="logo-mini.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2260
cf-bgj
imgq:100,h2pri
last-modified
Sat, 10 Aug 2019 13:25:36 GMT
server
cloudflare
etag
"5d4ec5d0-1615"
vary
Accept
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7b22503f7d1321e7-MIA
expires
Wed, 03 May 2023 15:23:33 GMT
cookieconsent.min.js
cdn.jsdelivr.net/npm/cookieconsent@3/build/
20 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Apr 2023 15:23:33 GMT
x-content-type-options
nosniff
content-encoding
br
age
8619
x-jsd-version
3.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7125
x-served-by
cache-fra-eddf8230120-FRA, cache-pdk17865-PDK
x-jsd-version-type
version
etag
W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rocket-loader.min.js
www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:31:17 GMT
server
cloudflare
etag
W/"6419a395-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7b22503f7d1521e7-MIA
expires
Wed, 05 Apr 2023 15:23:33 GMT
iconfont.woff2
www.itinforok.com/static/themes/gametemp-q7/assets/font/
6 KB
6 KB
Font
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/font/iconfont.woff2
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/static/themes/gametemp-q7/assets/css/public.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78200390d6155fc70fa4469c1d49ed2a56375d426471f78c4ce6e1c629e7e84a

Request headers

Referer
https://www.itinforok.com/static/themes/gametemp-q7/assets/css/public.css
Origin
https://www.itinforok.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
cf-cache-status
HIT
last-modified
Thu, 14 Nov 2019 09:41:52 GMT
server
cloudflare
etag
"5dcd2160-17a8"
vary
Accept-Encoding
content-type
font/woff2
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7b2250404bd53370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6056
expires
Tue, 04 Apr 2023 15:23:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31dee4d3f5bfba7cf2c5eb7b41f8324a10c507af46f20b023a531f3fc5915480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25702
x-xss-protection
0
server
cafe
etag
316 / 19450 / 31073504 / config-hash: 8099576212240570919
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 03 Apr 2023 15:23:34 GMT
jquery.min.js
www.itinforok.com/static/themes/gametemp-q7/assets/js/
82 KB
30 KB
Script
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/js/jquery.min.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333c29e8bc3e1ab7b66e03bec3f64469da990700b9ace77b36c0f37f2f3b30b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 12 Mar 2021 02:48:12 GMT
server
cloudflare
etag
W/"604ad66c-14988"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7b2250407c423370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
fastclick.js
www.itinforok.com/static/themes/gametemp-q7/assets/js/
11 KB
3 KB
Script
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/js/fastclick.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 26 Jan 2015 21:18:30 GMT
server
cloudflare
cf-polished
origSize=25965
etag
W/"54c6af26-656d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7b2250407c473370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
clipboard.js
www.itinforok.com/static/themes/gametemp-q7/assets/js/
10 KB
4 KB
Script
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/js/clipboard.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a10a5cf1574ff5efbe38630ff3bd4fbf6fbc4a587393ff7cf3f7bbb985dc03

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 26 Sep 2019 07:58:28 GMT
server
cloudflare
cf-polished
origSize=10759
etag
W/"5d8c6fa4-2a07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7b2250407c4d3370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
lazyload.min.js
www.itinforok.com/static/themes/gametemp-q7/assets/js/
2 KB
1 KB
Script
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/js/lazyload.min.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1dc09d84-8a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7b2250407c4f3370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
swiper.min.js
www.itinforok.com/static/themes/gametemp-q7/assets/js/
125 KB
33 KB
Script
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/js/swiper.min.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd5d7878133be396f3f8338dafd4dd18e9147c49281573d431bda4a41600e5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 03 Aug 2020 06:20:52 GMT
server
cloudflare
etag
W/"5f27acc4-1f3cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7b2250407c503370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
iconfont.js
www.itinforok.com/static/themes/gametemp-q7/assets/font/
52 KB
19 KB
Script
General
Full URL
https://www.itinforok.com/static/themes/gametemp-q7/assets/font/iconfont.js
Requested by
Host: www.itinforok.com
URL: https://www.itinforok.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1964 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bb72b14e202fffb0eb6dfb7fae8a91fc9c9c4f52429f2a3a281503454ad566

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:33 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 14 Nov 2019 09:41:52 GMT
server
cloudflare
etag
W/"5dcd2160-ce10"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7b2250407c523370-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 04 Apr 2023 15:23:33 GMT
Doomsday_Town.png
play.get9game.com/uploads/gamepic/20220701/
11 KB
12 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220701/Doomsday_Town.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809622787c5702cd1b0cb242523d4c93ea0e6cde80dea791bde9f5b8d7bb8c74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50205
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11664
last-modified
Fri, 01 Jul 2022 03:28:00 GMT
server
cloudflare
etag
"62be69c0-2d90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKagFiMhcVQ9cIEHNiAMv4db9E5nNGeJccNxxGz%2FcOsJSNMsHayslY9pcv2OeEG7N7Zfkq7uqPhkXlvIKnW33nISMNAduNL1h3Is5rWATBqurUcWgq6UfIvSro7fbh0dU4c73vYbcHhOZEb9AEp%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042aa6f0314-MIA
expires
Mon, 03 Apr 2023 13:26:48 GMT
Army_Commander.png
play.get9game.com/uploads/gamepic/20220701/
16 KB
16 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220701/Army_Commander.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e6cef964dc29f1367b67ed56f3dc9d6e9d8deb80416721d4885fabb249d8ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16185
last-modified
Fri, 01 Jul 2022 03:28:02 GMT
server
cloudflare
etag
"62be69c2-3f39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvK1HRLfNZtkSNj56y6RXw3ORi%2Fg%2BYUJN9bDm9ajxy0GLaZxI%2F42dtAyTsjEs3%2FSoeDC%2FGLQKO%2BXMtrSm7UmtesNujdgLRt7yast3byTHYsNaGLm6MKActTwZ74uglHw1QFGiOsJa3KnNRHoy%2BYwZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042aa710314-MIA
expires
Tue, 04 Apr 2023 03:23:34 GMT
BattleRoYale.png
play.get9game.com/uploads/gamepic/20221011/
28 KB
28 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20221011/BattleRoYale.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c08552c240a69d707f0783c82997a92b8f9f30e859c24c58ce7d1a08e260150

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28267
last-modified
Tue, 11 Oct 2022 02:23:12 GMT
server
cloudflare
etag
"6344d390-6e6b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KYp5eveabfl8oYXvRAkcH3wbhYQRwESEkZFjBl81s7ysZJocpKLfhFL%2Ff8qzBgu5gbOUIptRXzTTwo9t0xP35gINpynEKxg%2Ferf4epHStbETk7IJLJA4shUi7QC7jFgOpPH3ie58gefxwZSAN5rfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042aa730314-MIA
expires
Tue, 04 Apr 2023 03:23:34 GMT
946ef35a21801ba576e4c4368acca213.png
play.get9game.com/uploads/gamepic/20220413/
133 KB
134 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220413/946ef35a21801ba576e4c4368acca213.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1db826e80d2c4735359e32b664465256e7fe6c529f6502a5edeac2ceb3fad8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:35 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136343
last-modified
Wed, 13 Apr 2022 03:36:11 GMT
server
cloudflare
etag
"6256452b-21497"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCDldaPTqpeLQMDTd4oEhtmr63hUDqiW1XMHhwdhNe0L8t1DPRZ%2F8IHwvIcDw7IaxLHfC3HMX%2F%2BmDJX6BAceCbOLI4Pj%2FOprWcG0ZMn4W8IIbOX9d%2BDDgLb1xLE9hEUTPfUjXEtsVSTsbGKQkEFTXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042aa740314-MIA
expires
Tue, 04 Apr 2023 03:23:34 GMT
Airport_Security.png
play.get9game.com/uploads/gamepic/20220701/
20 KB
21 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220701/Airport_Security.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4a9a3fe372f7b51f1fdb6e416664bf79467b94fb4f837f6dfe72a4f6e06c01c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20770
last-modified
Fri, 01 Jul 2022 03:28:00 GMT
server
cloudflare
etag
"62be69c0-5122"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hk3LwKBlQtgXN2A%2FnGLMv5e68QsWefJ%2BIXLCUPKF%2FbFFjZ4LGcimyqhe8OcPq2U09mQp36y8VtD2h8dZ%2BKCA7bSNiOZ8evwhJu5oS4Xf7kufyT29fZeiWmsQrTgn%2BzYEYWvcQ3FD2AhfeFOSo22r8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042aa750314-MIA
expires
Mon, 03 Apr 2023 08:30:43 GMT
Weightlifting_beauty.png
play.get9game.com/uploads/gamepic/20220701/
19 KB
19 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220701/Weightlifting_beauty.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0471df4c93e7d9dde7b13e94995e4f2dda0fb0c8007634966295f4b48d86ab39

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71595
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19258
last-modified
Fri, 01 Jul 2022 03:27:59 GMT
server
cloudflare
etag
"62be69bf-4b3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl0gn3hWFtEiBq0w0fMyRKMAQ2KOaoD3srzfvRB7tiWaHZePpuRO0XY%2Briyeh5Ezt%2FIQmAw%2FsOETVV10unTIH8wmzpCB2NUeV%2FNNfiGGbHf%2FrJvVb4Mw0kaC0n5I8rX0s%2Fg3hYQzWuZsuRNrVTSaog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042aa760314-MIA
expires
Mon, 03 Apr 2023 07:30:18 GMT
Crazy_Road.png
play.get9game.com/uploads/gamepic/20220701/
17 KB
18 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220701/Crazy_Road.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257d0571ca5bd04050c462807c32225950929fa95c6900e6ef27ca419020150d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
50149
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17754
last-modified
Fri, 01 Jul 2022 03:28:03 GMT
server
cloudflare
etag
"62be69c3-455a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFOpVwwEKG2bhgzkPVOgOivGU5pHd9EgKdqnF5tKn1KToVirsOSeoZaDwFuVBMS91n0MKriPxLn%2FR5tvPUfCpi%2FYnKpgYo5v0eo2UYNGpyYf5dJIc%2B%2BYw0mli7JZGq7uYTXMS1DpMNg3TWH0ChEbJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042faeb0314-MIA
expires
Mon, 03 Apr 2023 13:27:45 GMT
Tug_of_War.png
play.get9game.com/uploads/gamepic/20220701/
18 KB
18 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220701/Tug_of_War.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ff8bbf8fbfb3e8c847c0e8e4ea4571d100cf64bcabb833f6ebe2c815022277

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18385
last-modified
Fri, 01 Jul 2022 03:28:03 GMT
server
cloudflare
etag
"62be69c3-47d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIriPFZNkoh54K0NADA0vjslYbPn4xM4gUZohzob6SMjiFekuJao7GI%2BV31dy5YZ%2Bfobl5V54qrPEJwtA%2BEBt6b6TU3mHMnRQiGQkJacFIEI9bVXiKb2Y5ggiXEKelBXsUCAFMhd0TrcYP%2F9iP302g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042faec0314-MIA
expires
Tue, 04 Apr 2023 03:23:34 GMT
97b536a937b219ca89927e61060831f5.jpg
play.get9game.com/uploads/gamepic/20220926/
11 KB
12 KB
Image
General
Full URL
https://play.get9game.com/uploads/gamepic/20220926/97b536a937b219ca89927e61060831f5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:8623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaed37cf4252c99844571f6fafe5ff259d4f65f9bae36267681fa81979af577a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11670
last-modified
Mon, 26 Sep 2022 03:04:55 GMT
server
cloudflare
etag
"633116d7-2d96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc9d906Zzn9RW6BXtpIkoZYGoX1H%2FxH6IBADUJvGOaWwz1npkElJTLZ%2Bci0bWBO8FVySr%2BzQniMeKaqP9rF4k1XAEpv%2BYSTGpa%2B3OZ3Qhm9UySFGs8GI3qxdgsAhznQMTehItUPWGlz6QhOdX0zG8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7b225042faed0314-MIA
expires
Mon, 03 Apr 2023 08:30:44 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/
397 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js?cb=31073504
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2f95610260cf64dd25b8eae0f74d5794e3609a8854cc78532dc3e796ce3d83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 23:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
58300
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126061
x-xss-protection
0
server
cafe
etag
16234491604082075955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 01 Apr 2024 23:11:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
39 B
67 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.itinforok.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a4fcb057add99c55afd9ab98ee23ef28e878d323f3e10645e4cb6bed54e2a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Mon, 03 Apr 2023 15:23:34 GMT
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.itinforok.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js?cb=31073504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
717 B
393 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=381665097121780&correlator=1149908203124132&eid=31072019%2C31073320%2C31073504%2C31073539%2C31072997&output=ldjh&gdfp_req=1&vrg=202303280101&ptt=17&impl=fifs&iu_parts=22847393195%2Citinforok101-gx-gsf%2Citinforok101-300x250-sy01-gsf-gx&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3621076879&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1680535414834&lmt=1680518718&dlt=1680535413620&idt=1162&adxs=650&adys=1305&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.itinforok.com%2F&frm=20&vis=1&psz=1200x266&msz=300x250&fws=4&ohw=1200&ga_vid=641210577.1680535415&ga_sid=1680535415&ga_hid=47932989&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js?cb=31073504
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
276dc70ca7833773ae47455b3b104a7ff73122211cccd546d7bd7bea9cf930aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.itinforok.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303280101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js?cb=31073504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83033a8ed79d7dd5ecba6a698f7779581113087e5448e50408d565195a9ab584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11058
x-xss-protection
0
container.html
bda2ccd648030db89ddaa681c6a58fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A743
6 KB
3 KB
Document
General
Full URL
https://bda2ccd648030db89ddaa681c6a58fbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js?cb=31073504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itinforok.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Apr 2023 15:23:35 GMT
expires
Tue, 02 Apr 2024 15:23:35 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303280101/pubads_impl.js?cb=31073504
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 15:23:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93B5
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itinforok.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
19405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 03 Apr 2023 10:00:10 GMT
expires
Tue, 02 Apr 2024 10:00:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5784
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0ef5dc2bc1c678be44958b418798d3e828a181023c8eb82c05ce23fd17ae268e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z3yHgvSIDphj9SCqfeL7jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.itinforok.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Z3yHgvSIDphj9SCqfeL7jQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 03 Apr 2023 15:23:35 GMT
expires
Mon, 03 Apr 2023 15:23:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
pagead2.googlesyndication.com/bg/ Frame 93B5
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/hMk8RYfShm1WO-i6nufLdZfHD_Dal5FkV6wggQWjY74.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84c93c4587d2866d563be8ba9ee7cb7597c70ff0da97916457ac208105a363be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 06:26:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
291404
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14139
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 13:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Mar 2024 06:26:51 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5784
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303280101&jk=381665097121780&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 93B5
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?pS7eTQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 15:23:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303280101&jk=381665097121780&bg=!2tml2Y3NAAbEgrg45II7ADkAdvg8WgvUep-rogXjMZKqkVmGRqPRPYUmjIR-WCzjv1rGy2u0v59ydXQEhO6Ncc186j8FG47N_oACAAAAZVIAAAACaAEHCgDWQfiujclpAMLtNb_gIcD4k7-mbLr4MnE1SRTtFYSf9tSFvPJy8EfAdvLVQCAqwqRyS0nmgWHVYJABbYgrxmcgk8XE6P0dQ8Zi8oDaqD5RTEfoZ-ubj6mgqHl-aqY18yCPHXA5qWGXJjTPsMhsTT4MzuvyiXB71My8JxQFjw7ieLSa4FXjz0oXjcJYgQ-T9N578ySKpjJckhwVRHBCRWWV8vO5vZmI607UsKi4O4heFnaehJVN7hL9VV_58BIbwS-Yf12UnWW3jjdrWOg-_pL0ESe3xLA1XZkCrQlOBPG7YZItqogaMyH3tZPE-M6qcEiOybBC7bKeaKX-8bbRKLerk1wlSbEXXS918pvsCZWw9x3geKyDh2utLl0r1_M4r28KJ36sIg45v_xpW-JV9CJEocT-vLgInWZKO6wKwiAYNVG-nHWrRxtq4UzgW2idkj6VhS_lHYg4N7nDewrfdzKyUiTl3t6N_n5bnMvVFpssulyooVBjp6DXJ2GW2ZCILWH4B0YspcQLpFDPfwQW2zJsd-FPdJF6ygAIgDxFZWgZqNpv4cjHSZe5SFuGaLZVPvY24NllBk1ZFBFXS18xzwHH5xvEPiC47V1rg6G4BONPRtl-kiTKyfUJPVmuvi_pMWroL_23qbvSgH8yGoHfJ7Ew9T_hCi2yzGvmGfNCsA7511EezhY-D9Ker_oCbnq39G09RS_edbEvQ-lDYpavm0No2KDS-CCphNQdJkypqe8i6kZ5emDCVqbKf6DKBazx4KtLaQsSCYAq4mi2jg9dhSpn9yCctyLrNa9E1aiEayN29Vp30ttqH9wIH0OV0-uGza7TS3k-01HlCdrHui8ZVlY9W0KFH5NjKulns-mQY4qbQcPaE1eeE3RlZd6z0kNPC6Pd5NjfrkL7_fyKCCf1AZGg-4fC52o9vPaQmIRUuOyYu2H-JsYLLHwpChC_OtW-duGqDVkE_X5tpuJjHJCWsegUMD4vvslGS_RV4A0PXGUYtm5Yg0ucanR0gsb5gIFBXQn0KJAVhczKg5GLNv_B_A9Z20-alPqMb-A7-hg2n1wrjzDxhI56_wnbEZyxNTjZNh0j-jAq2fJUfHov56vhxhzKZO58Ag2uXF0Z0gBgXOdU1jxGgDtnBH2SSxVunmj9IvFhjROMgpLLTDOfKwHd3vsCLRyIWTSqiRq-_m7Rf-JB4Jq3ONrMcs4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.itinforok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
object| cookieconsent
object| __cfQR
function| Swiper
function| lazyload
function| LazyLoad
function| ClipboardJS
function| FastClick
function| $
function| jQuery
object| googletag
object| copyTip
boolean| isClick
string| copyText
object| clipboard
object| lazyLoadImg
number| box
number| detailImgHeight
object| detailImg
object| games
object| faceBook
object| twitter
object| menuBtn
object| menuMask
object| menuClose
object| shareBtn
object| shareMask
object| shareClose
function| hide
boolean| __cfRLUnblockHandlers
object| ggeac
object| google_tag_data
object| google_js_reporting_queue
undefined| google_measure_js_timing
object| googleToken
object| googleIMState
function| processGoogleToken
number| google_unique_id
object| gaGlobal
object| GoogleGcLKhOms
object| google_image_requests

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.itinforok.com/ Name: __gads
Value: ID=1fd2c55b02dc86e8:T=1680535414:S=ALNI_MZ21Nl5UjoHcOFBQUP9h5kRztcFlQ
.itinforok.com/ Name: __gpi
Value: UID=00000a3e0d6a83b5:T=1680535414:RT=1680535414:S=ALNI_MZuKjUrMCdpEYtojZYsmPekAXaUpA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
