www.play4.getcryptotravels.com Open in urlscan Pro
52.5.109.247  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

• https://securepubads.g.doubleclick.net/pagead/adview?ai=C741DAVJTZ9CnL5etqMwPorL-yAuy9Yz9e8SDkOH6Es79h5-tCRABIMfY1qUBYMme9oaAgKAZoAHGyuCOPsgBAeACAKgDAcgDCqoEvQJP0MEHTCttM7t0oJFrqkFRbCzXOuwkRCIASmvEbG91JRksHE6bfH1NpaZyeNYwwd1AUmB8MtKhfmhAb4dH_klIaSAUx2H1lv577bg48T2ELUu47BK1JKFty-P0GaqN4cjXQk6DcJEdZH4MtBAM0jfxcvjgzDyOyMqYWP_h5TU6C2yIDi6iGTlS9FB-Mh_WGRZywW6J_Xqy6T0Xlid8fD8-i6VyWfwNtJkeqQt5k9AHwb8nVWfUp9FLHgsX5UAsWBSVg8i7m6fvOTSArfCC_OyrYXlta8xL-klBQktxPdz28Dbsn37HjozYjDUsH-7gulxwONX_kl_5hNIIJAIvo6sCw91Xw2ICN0p8J1Iz1qxJuMDmqcMVIRoY0D0CT_c_hNkngriegcWFVNP5igXNhcF8QCmlIqBuixezH9RIn8AEjNCP6oUF4AQBiAWbjuf5UZIFBAgEGAGSBQQIBRgEoAYugAfGgrHuGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQpesw0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYmfLL8PGTigOaCSRodHRwczovL2JsaW5nZW52eS5zaXRlLz9nYWRfc291cmNlPTWACgPICwHaDBEKCxDQw8v00a2ylcgBEgIBA-INEwicx8zw8ZOKAxWXFooDHSKZH7nqDRMIl7vN8PGTigMVlxaKAx0imR-52BMC0BUBgBcBshchCh0IABIUcHViLTU3MzA4NjU0MDEzNDA5NDAYz_iqARgBuhcCOAGyGAkSAsBPGC4iAQDQGAE&sigh=7TQHIUnvBnM&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwCa7L7dRLWaRcgXIRkC78vbkBciybg05yEcsYlPD7t8c4iy0kSirPlptM4FbxMsB9pGV3ljahhbqlb7f6UP17h_Uz8pUBrJUwKJhYKAShEYAQ&template_id=5021&ebtr=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3cadcc6aac79e980000000000000000%22,%222%22:%220xc230da553896a1c70000000000000000%22,%223%22:%220xac64f5f8c85d0a470000000000000000%22,%224%22:%220x74ad1c9426e69b6e0000000000000000%22,%225%22:%220xaa0d091497695d410000000000000000%22},%22debug_key%22:%2216682452188460453781%22,%22debug_reporting%22:true,%22destination%22:%22https://blingenvy.site%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216673940806%22],%2222%22:[%22true%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211098033023764329889%22}&andc=true

Request Chain 82

• https://securepubads.g.doubleclick.net/pagead/adview?ai=CfBm_AVJTZ9KnL5etqMwPorL-yAuy9Yz9e8SDkOH6Es79h5-tCRABIMfY1qUBYMme9oaAgKAZoAHGyuCOPsgBCeACAKgDAcgDCqoEwwJP0LEvNw1FnwIFntfTL_OaO_EznkJtRi2HFn3Zamvff3E2GjFm6qj8vZqXJz9RZ70oOk9p2ok6wVlm6fLjC1JQ0yTfkuqaFbqiPpYQI0_xQSxWfcB9Yw7RiVmfCPMOsI66IVJ-Z_1AD-3wEzAkeSQoUrI5N9KkYxhEEE7C8w7HX6H6GB6bjU19KdKhD1zalg2UQezGFhQY4mPtRMnaiY9Z4N7GvW6Q3bsHsvXnXsa8a-U9JlyiWKcoSreUk2CsdexFjITkwl0NPIW0xuMIoqQj-R5OIoAY-YZOIy3cnj1s2-QEPHVjgnCgLY3lmU4GjvT9wGAQwUSUws6UV48rGdNqXb99wve-iUKtHo3I2tBlyb0x-QrPKu8RnuVEJfcBX87qBdlc1UHWwM6vTS4JLovwZ3OwK2bg2k7CnjcRTM4v6xasPMAEjNCP6oUF4AQBiAWbjuf5UZIFBAgEGAGSBQQIBRgEoAYugAfGgrHuGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ97xm0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYmfLL8PGTigOaCSRodHRwczovL2JsaW5nZW52eS5zaXRlLz9nYWRfc291cmNlPTWACgPICwHaDBEKCxCgpIvo14yr2sUBEgIBA-INEwiex8zw8ZOKAxWXFooDHSKZH7nqDRMImbvN8PGTigMVlxaKAx0imR-5uBPkA9gTAtAVAYAXAbIXIQodCAASFHB1Yi01NzMwODY1NDAxMzQwOTQwGM_4qgEYAboXAjgBshgJEgLATxguIgEA0BgB&sigh=ecOQlnF2xhM&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSTwCa7L7dRLWaRcgXIRkC78vbkBciybg05yEcsYlPD7t8c4iy0kSirPlptM4FbxMsB9pGV3ljahhbqlb7f6UP17h_Uz8pUBrJUwKJhYKAShEYAQ&template_id=484&ebtr=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3cadcc6aac79e980000000000000000%22,%222%22:%220xc230da553896a1c70000000000000000%22,%223%22:%220xac64f5f8c85d0a470000000000000000%22,%224%22:%220x74ad1c9426e69b6e0000000000000000%22,%225%22:%220xaa0d091497695d410000000000000000%22},%22debug_key%22:%222023256011396606055%22,%22debug_reporting%22:true,%22destination%22:%22https://blingenvy.site%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216673940806%22],%2222%22:[%22true%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215807129487402072385%22}&andc=true

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.play4.getcryptotravels.com/	41 KB 5 KB	659ms 230ms	Document text/html	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash df2244c9fad5ab573b686c2879f99f5b93efa08a389a9fc715e5c1bdfb706bb4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 06 Dec 2024 19:35:24 GMT server LiteSpeed vary Accept-Encoding
GET H3	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	387ms 106ms	Script application/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br cf-cache-status HIT etag W/"09282956186c8515ef0d208902803581" age 1514 expires Mon, 09 Dec 2024 19:35:24 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 06 Dec 2024 19:35:24 GMT content-type application/javascript vary Accept-Encoding priority u=3,i=?0 access-control-allow-headers OneSignal-Subscription-Id strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=259200 via 1.1 google cf-ray 8edeb80cba51fac2-SJC server cloudflare
GET H2	200	one-signal-sdk.js Show response www.atmhtml5games.com/	445 KB 75 KB	1748ms 284ms	Script application/x-javascript	2a02:4780:11:1748:0:20ad:843d:9 AS-HOSTINGER Host...
General Check archive.org Show headers Download Go to Full URL https://www.atmhtml5games.com/one-signal-sdk.js Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:11:1748:0:20ad:843d:9 Mumbai, India, ASN47583 (AS-HOSTINGER Hostinger International Limited, CY), Reverse DNS Software LiteSpeed / Resource Hash e5f79d38819c9e88959c018c51df06e73f0d414e8e274464d45248f4954e134d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers panel hpanel content-security-policy upgrade-insecure-requests cache-control public, max-age=604800 content-encoding br etag "6f526-66ed20b4-43c731edf227dd24;br" expires Fri, 13 Dec 2024 19:35:26 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 76792 date Fri, 06 Dec 2024 19:35:26 GMT content-type application/x-javascript last-modified Fri, 20 Sep 2024 07:13:56 GMT vary Accept-Encoding server LiteSpeed platform hostinger
GET H2	200	bootstrap.min.css getcryptotravels.com/content/themes/arcade-two/css/	190 KB 24 KB	600ms 105ms	Stylesheet text/css	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://getcryptotravels.com/content/themes/arcade-two/css/bootstrap.min.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "2f955-634333ba-10436e;br" expires Fri, 13 Dec 2024 19:35:25 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 23974 date Fri, 06 Dec 2024 19:35:25 GMT last-modified Sun, 09 Oct 2022 20:48:58 GMT content-type text/css vary Accept-Encoding server LiteSpeed
GET H2	200	user.css getcryptotravels.com/content/themes/arcade-two/css/	3 KB 984 B	715ms 221ms	Stylesheet text/css	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://getcryptotravels.com/content/themes/arcade-two/css/user.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 9773a654edd298605dd4d76f52d54d002faf7cb75fea8751995f4bc72be80ab7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "c32-65a696d4-10436d;br" expires Fri, 13 Dec 2024 19:35:25 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 897 date Fri, 06 Dec 2024 19:35:25 GMT last-modified Tue, 16 Jan 2024 14:46:44 GMT content-type text/css vary Accept-Encoding server LiteSpeed
GET H2	200	style.css getcryptotravels.com/content/themes/arcade-two/css/	22 KB 5 KB	599ms 106ms	Stylesheet text/css	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://getcryptotravels.com/content/themes/arcade-two/css/style.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash a5e857dc5f5efa1ca90e2a2a7bdbaa266c9dcb20c7c059b4e0a726f239a1bec9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "5866-67501f1d-10436c;br" expires Fri, 13 Dec 2024 19:35:25 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 4448 date Fri, 06 Dec 2024 19:35:25 GMT last-modified Wed, 04 Dec 2024 09:21:33 GMT content-type text/css vary Accept-Encoding server LiteSpeed
GET H2	200	custom.css getcryptotravels.com/content/themes/arcade-two/css/	128 B 212 B	711ms 219ms	Stylesheet text/css	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://getcryptotravels.com/content/themes/arcade-two/css/custom.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 80aa1939fa8cbb3dd8f0880ebe4f07039923e7355890fca13f2e362fa42e5ee4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 etag "80-616ccff4-10436a;;;" expires Fri, 13 Dec 2024 19:35:25 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 128 date Fri, 06 Dec 2024 19:35:25 GMT last-modified Mon, 18 Oct 2021 01:37:56 GMT content-type text/css server LiteSpeed
GET H2	200	bootstrap-icons.css cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/	93 KB 13 KB	491ms 94ms	Stylesheet text/css	2606:4700::6812:bb1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers access-control-expose-headers * content-encoding br cf-cache-status HIT etag W/"17579-AwBvMnkuAzSX6cpoNztsM4YwWTM" age 467733 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOh5cpTHP48xqET9X8BH9CyJRl4a7C%2B6Ap36DdGIU4jjIMHaLNK46Z6Z16Dz50M86w%2BC2b0ImFK2Msyl%2BaxZv%2BjeD9iUlvR2nS08WX5Vkewt0bklyYAudIzSMPldl7qfYj7MeYcmWWUrE%2BwvgPM%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443"; ma=86400 x-cache HIT, HIT date Fri, 06 Dec 2024 19:35:25 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-etou8220052-FRA, cache-lga21931-LGA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8edeb80d594d7d0d-LAX accept-ranges bytes access-control-allow-origin * content-length 12937 server cloudflare x-jsd-version 1.10.3
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	390ms 90ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03e5f-7918" age 662354 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vZSWxMOfawVo%2FdGD%2B9DkCL13cVhhatOV7ssWl4Z3MzuH%2BBywj01iaa72HhVhH6htgOpnuZJN9Fa8%2FuwlG1LKl5hEYmU3afmfS7V%2F3%2BwJqHh%2FD7yOyextbQ0L8WYjam%2F2wgcQScA"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 26 Nov 2025 19:35:24 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 06 Dec 2024 19:35:24 GMT content-type text/css; charset=utf-8 last-modified Mon, 04 May 2020 16:10:07 GMT vary Accept-Encoding priority u=0,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8edeb80cdb5996c0-SJC accept-ranges bytes access-control-allow-origin * content-length 5631 server cloudflare
GET H2	200	custom_style.css www.play4.getcryptotravels.com/css/	3 KB 1 KB	134ms 114ms	Stylesheet text/css	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.play4.getcryptotravels.com/css/custom_style.css Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 6bb975671426f197e7b092c2bbeb5ca148d4a3a5a8c8e131c742d9a35c09e908 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "d0e-675290c7-1f8120;br" expires Fri, 13 Dec 2024 19:35:24 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 903 date Fri, 06 Dec 2024 19:35:24 GMT last-modified Fri, 06 Dec 2024 05:51:03 GMT content-type text/css vary Accept-Encoding server LiteSpeed
GET H2	200	css2 fonts.googleapis.com/	2 KB 907 B	587ms 139ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b750990c79ec4dd21bf9ad8e8db216580460e00fda22a193de7a1ab8f4b98b81 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 06 Dec 2024 19:35:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:25 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 06 Dec 2024 19:14:19 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	104 KB 33 KB	403ms 145ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 79a6027f6370cc98a440912a8777d4d333017e24a3f042015f15dc0eafd49298 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag 5 / 20063 / m202412030101 / config-hash: 7504530807083649717 x-content-type-options nosniff expires Fri, 06 Dec 2024 19:35:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 06 Dec 2024 19:35:27 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33426 x-xss-protection 0 server cafe
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 31 KB	454ms 58ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip etag W/"28feccc0-15d9d" age 3496052 x-cache HIT, HIT date Fri, 06 Dec 2024 19:35:25 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-cache-hits 227368, 75778 x-served-by cache-lga21931-LGA, cache-lax-kwhp1940105-LAX vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1733513725.021420,VS0,VE0 cross-origin-resource-policy cross-origin via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 30875 server nginx
GET H2	200	site-logo.png getcryptotravels.com/images/	61 KB 62 KB	707ms 220ms	Image image/png	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://getcryptotravels.com/images/site-logo.png Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash c74ed4b4e09010599bdf90bf945f2b17cccb8001b5a989a719fd6716a50eaf63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 etag "f5bf-67518e9b-11b5f;;;" expires Fri, 13 Dec 2024 19:35:25 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 62911 date Fri, 06 Dec 2024 19:35:25 GMT last-modified Thu, 05 Dec 2024 11:29:31 GMT content-type image/png server LiteSpeed
GET H2	200	category_icon_2.svg www.play4.getcryptotravels.com/images/	14 KB 4 KB	175ms 112ms	Image image/svg+xml	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.play4.getcryptotravels.com/images/category_icon_2.svg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash a2d7c39312ee92f81173e6dfb69141f9ed85912d3fa69267147275dbe4693649 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "39ff-675290c7-1f8129;br" expires Fri, 13 Dec 2024 19:35:27 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 3905 date Fri, 06 Dec 2024 19:35:27 GMT last-modified Fri, 06 Dec 2024 05:51:03 GMT content-type image/svg+xml vary Accept-Encoding server LiteSpeed
GET H2	404	baby-cathy-ep22-hair-problem_2.webp www.play4.getcryptotravels.com/thumbs/	1 KB 1 KB	147ms 124ms	Image text/html	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.play4.getcryptotravels.com/thumbs/baby-cathy-ep22-hair-problem_2.webp Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control private, no-cache, max-age=0 content-encoding gzip pragma no-cache alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" date Fri, 06 Dec 2024 19:35:25 GMT content-type text/html vary Accept-Encoding server LiteSpeed
GET H2	200	9acd98d8d4df4b73bc28f8a9205a3419-512x512.jpeg img.gamedistribution.com/	175 KB 176 KB	1163ms 149ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/9acd98d8d4df4b73bc28f8a9205a3419-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 634766dff3486fb8e8fb9185ab4279bfde92415f1f1fea10c455cf9d71a3e735 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "19667dbe7841bbf1a192c04f28c73258" age 41324 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1626446508000 x-cache Hit from cloudfront content-length 179622 x-amz-cf-id OAS45FbU1MxJpUoIVtPt8RGK_y0Kc4js2SYvtHWLQnfEeQ_j99LJGA== date Fri, 06 Dec 2024 19:35:26 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:18:06 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	484e0d8cf9aa45e6889f4a40c0d11132-512x512.jpeg img.gamedistribution.com/	244 KB 245 KB	1055ms 465ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/484e0d8cf9aa45e6889f4a40c0d11132-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash ab3629f44489275bca41b249126295aa37fc35e10956394fecaf02322970cb63 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "f15366ba315eb7e60cd121711a014dda" x-amz-version-id null via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1607453189000 x-cache Miss from cloudfront content-length 249662 x-amz-cf-id VdID77aQpBomSI6BodSoE8dZKZLyfy-1E_Vy3k0x7VKOMOLTdkn5wA== date Fri, 06 Dec 2024 19:35:27 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:19:22 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	46100801c12649e3a312edc7ce1a02b8-512x512.jpeg img.gamedistribution.com/	215 KB 216 KB	174ms 172ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/46100801c12649e3a312edc7ce1a02b8-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5fbb45747b2ede0aa02d757c29335658cb7b1801f5086fb0472240b634fb97 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers vary accept-encoding, Origin x-amz-version-id Tpkp.aptX0jr53ggrm2gNtheMG.11MmY etag "9357d7a34b1de219d6022d03c9b00966" age 24631 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 220541 x-amz-cf-id Ef-26pEWlzntRbnL7ZyB2qYkXcmjWdBkFFDbJ9y-xIN0H9iutaTHpg== date Fri, 06 Dec 2024 12:44:56 GMT content-type image/jpeg last-modified Sat, 25 Mar 2023 08:45:04 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	6aa63f9e65b74e4f8937f3630bc5eed9-512x512.jpeg img.gamedistribution.com/	79 KB 80 KB	710ms 649ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/6aa63f9e65b74e4f8937f3630bc5eed9-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 39a0196c09a208c2650578b29f44d1f351208f91f9582ec45a59a8dcf7b9dc95 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "80f8f66451964aef933d857c9a8ab3e9" via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1637935769000 x-cache RefreshHit from cloudfront content-length 81079 x-amz-cf-id 8ATgTwYVY26DnZW6jmpL3G5OZ5_steu2D2ZNEL6O_9uxZwtY9wye2Q== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:21:19 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	200	37e78c94829742d4bd46bebe6f1c5718-512x512.jpeg img.gamedistribution.com/	42 KB 42 KB	183ms 121ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/37e78c94829742d4bd46bebe6f1c5718-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash c56eee45545873e2f79812483273bb9b7fdce5483af24d967d3fd39d9055d790 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "727000ffc0c81cfcccf3e6dfe549316f" age 35865 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1611429127000 x-cache Hit from cloudfront content-length 43041 x-amz-cf-id FHan2ekHzotNuZTjsVCRM3e1icPZ4veUmEqokRZ9Ihc1MxCJj8qgFQ== date Fri, 06 Dec 2024 09:37:43 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:19:29 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	200	59717890b0a64e1d9b435d94a07b9f30-512x512.jpeg img.gamedistribution.com/	321 KB 322 KB	360ms 299ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/59717890b0a64e1d9b435d94a07b9f30-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash c666650abaaac587295b6aae14f9e529f0957bc98be15e0ea6ad967ab0533da1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers vary accept-encoding, Origin x-amz-version-id mEPfgez42j1YpIRLJr6DsPSUTxkr0Hus etag "543fb4ece095cc14686de51fa726997b" age 25883 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 329170 x-amz-cf-id eB1yO8SfKuW62Jj7dnYxN8lWzcJcphtLJmpdW_9Z2Qix4dJIDlhThA== date Fri, 06 Dec 2024 12:24:05 GMT content-type image/jpeg last-modified Fri, 24 Mar 2023 14:42:57 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	4ab90de0434941e296bf52e9e7a78ca4-512x512.jpeg img.gamedistribution.com/	219 KB 219 KB	209ms 148ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/4ab90de0434941e296bf52e9e7a78ca4-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 0190a5353cef70bf619315b09ff7faef47d2c443220d5a6d30f905edca79abdf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "0e65fd5dae9aebc58f64a0b8b7f0ebf3" x-amz-version-id null age 50533 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1651232160000 x-cache Hit from cloudfront content-length 223893 x-amz-cf-id Dj_3g_mwdKIl8xfokcrVUlm0BQikyVIi-N8vSDxE41br9kpgfK-K6A== date Fri, 06 Dec 2024 05:33:15 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:17:50 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	404	girly-office-style_2.webp www.play4.getcryptotravels.com/thumbs/	1 KB 1 KB	162ms 112ms	Image text/html	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.play4.getcryptotravels.com/thumbs/girly-office-style_2.webp Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control private, no-cache, max-age=0 content-encoding gzip pragma no-cache alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" date Fri, 06 Dec 2024 19:35:27 GMT content-type text/html vary Accept-Encoding server LiteSpeed
GET H2	404	nope-to-hotty_2.webp www.play4.getcryptotravels.com/thumbs/	1 KB 1 KB	160ms 113ms	Image text/html	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.play4.getcryptotravels.com/thumbs/nope-to-hotty_2.webp Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control private, no-cache, max-age=0 content-encoding gzip pragma no-cache alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" date Fri, 06 Dec 2024 19:35:27 GMT content-type text/html vary Accept-Encoding server LiteSpeed
GET H2	200	473fc49ea6234a8d9b33b11e4aca829c-512x512.jpeg img.gamedistribution.com/	118 KB 118 KB	169ms 129ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/473fc49ea6234a8d9b33b11e4aca829c-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash ab95822e4ddc0d0d7c182d94708fbd1eab04632dbd6501718b2aa0966c01a52d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "4c55f92a0bfd926c12eaea8eab99aa66" x-amz-version-id null age 10908 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1601564354000 x-cache Hit from cloudfront content-length 120704 x-amz-cf-id _rKxfsLbjp1lssLGn1dOj_qF4bcK5ERTTaRggi7QRnl2--LbtMR--A== date Fri, 06 Dec 2024 16:33:40 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:18:09 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	3a40d2f6c74b41d9bafdc355551cbecc-512x512.jpeg img.gamedistribution.com/	44 KB 44 KB	712ms 673ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/3a40d2f6c74b41d9bafdc355551cbecc-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 491754712c46583badab47f136efa0c6585478478bebef11a76c3c0d44735920 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "5be8e0f06480f4ce65d6048eece095b4" x-amz-version-id null via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1638360253000 x-cache Miss from cloudfront content-length 44889 x-amz-cf-id spydiwoJ5xF1ZRUQjl1K4DqHDIIxS3krGK-dMWGY91rl5F71dbAH9g== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:17:35 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	bb03332f2eaa4a96bbb3a0263d9c9662-512x512.jpg img.gamedistribution.com/	393 KB 394 KB	717ms 684ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/bb03332f2eaa4a96bbb3a0263d9c9662-512x512.jpg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 361e18922efef83e72b66926c94fb2bcee7a75423f4ffca42a6101b63795e4d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers vary accept-encoding, Origin x-amz-version-id ERIjfnaGiQxZQ76XNuQHFso0r6VlxwdD etag "b83930547314ee47b1b4bd8ea05db258" via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-cache RefreshHit from cloudfront content-length 402191 x-amz-cf-id Gvv8ISWJg81ecTbQESskStIqN91ljD4EjRXn4zwza5DKKUS-TErITQ== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Mon, 25 Sep 2023 22:48:45 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	45e3fa0cd7d74375b5f610f88c57e4fd-512x512.jpeg img.gamedistribution.com/	168 KB 168 KB	417ms 384ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/45e3fa0cd7d74375b5f610f88c57e4fd-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash ef11cca36b340f7eca23d8fa3eb1b7f1a10c5065c09a53d0d82279521b6d2a09 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "20bcc750fec1ecd756c89c9b2aa89ec7" age 44460 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1608307520000 x-cache Hit from cloudfront content-length 171610 x-amz-cf-id ysXNSYOiGGyGuVGllzVeI5XWhYBPSwz54Lldt5OXWuwQJH3Q1urtQQ== date Fri, 06 Dec 2024 07:14:28 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:20:54 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	200	df618d04aa2646a4b67d98b4b565cf32-512x512.jpg img.gamedistribution.com/	251 KB 251 KB	378ms 346ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/df618d04aa2646a4b67d98b4b565cf32-512x512.jpg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash eb626aad6302288c13fa00fcb2969a3541aba36c62d76b7f81fc188025c42921 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers vary accept-encoding, Origin x-amz-version-id Z7uh1MowBi_7LPRR23u.J7Y5mAXAzMfl etag "532697b22f83ece5ba496171b6eee88a" age 37413 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 256624 x-amz-cf-id pJ28Nam1Asol5Z7I2WXNP_vSf8opgmjH0y006q8GFvwKxn8AWtcTsw== date Fri, 06 Dec 2024 09:11:55 GMT content-type image/jpeg last-modified Thu, 21 Dec 2023 08:04:41 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	2c51600ea86747549cf175ed3e75594a-512x512.jpeg img.gamedistribution.com/	169 KB 169 KB	457ms 430ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/2c51600ea86747549cf175ed3e75594a-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash b7e195542864b06043ca4628840f936ee268035f45878b728268f3c4977ccd9d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "23237ffc19ef3a4f38f2ea253317f8c3" age 3372 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1640717504000 x-cache Hit from cloudfront content-length 172795 x-amz-cf-id EWMdFgrkY3LRBbBxtApouab2I658TytRG5ZCIZkfEK9P8DiXMGLcvw== date Fri, 06 Dec 2024 19:35:27 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:19:54 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	404	roxie-s-kitchen-kawaii-bento_2.webp www.play4.getcryptotravels.com/thumbs/	1 KB 1 KB	137ms 111ms	Image text/html	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.play4.getcryptotravels.com/thumbs/roxie-s-kitchen-kawaii-bento_2.webp Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash 679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control private, no-cache, max-age=0 content-encoding gzip pragma no-cache alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" date Fri, 06 Dec 2024 19:35:27 GMT content-type text/html vary Accept-Encoding server LiteSpeed
GET H2	200	773bbda2927e4a0d8c303c98132bd3e9-512x512.jpeg img.gamedistribution.com/	101 KB 101 KB	566ms 541ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/773bbda2927e4a0d8c303c98132bd3e9-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 1560504c8fd2e9a064c8520c250c746bb8779450ecda798618cc26521b25b0f7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "cd8fcbaaf32020eb1d8c042d8f308afe" age 3414 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1635724482000 x-cache Hit from cloudfront content-length 103082 x-amz-cf-id aQjoPj7eWrOtzl90_W5G7x1IFOqJj9p1ws3fdUKk_oxFpnnQKbrkCQ== date Fri, 06 Dec 2024 19:35:27 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:17:44 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	200	79fd665a376e4a9196c9e209f9642432-512x512.jpeg img.gamedistribution.com/	170 KB 171 KB	790ms 765ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/79fd665a376e4a9196c9e209f9642432-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash f9719cce2240efaa41a280b29a06bfe5c1135d08a84960d0e1346547821afbc9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "910876f0674251e72f4ec703b34d5171" via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1646769024000 x-cache RefreshHit from cloudfront content-length 174286 x-amz-cf-id 9uhD5i3qzOcuEKmvuoKYr7v-NApK8cAdZ9AGFuNKfRDTk5y7x7mtqg== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:20:17 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	200	fce89e7289a1487baef064d4d7709bb5-512x512.jpeg img.gamedistribution.com/	280 KB 281 KB	519ms 495ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/fce89e7289a1487baef064d4d7709bb5-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash e8104e166de6a7ebe94099bfdf220ca1001a975283756f8023487683846624bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers vary Origin x-amz-version-id uInjCRGEpDw1bf5wT.dd0YOC35uQgUxX etag "508f6dc6bebe6c5b261eda04ac2fabd2" age 4101 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 286573 x-amz-cf-id EpLsP4ZohUHu-RHejxWGouSPTz-UziSzFov5GAyxjH_F2xlnsfExQQ== date Fri, 06 Dec 2024 18:27:07 GMT content-type image/jpeg last-modified Thu, 09 Feb 2023 05:50:28 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	0de19049f7384b21beb369da6c6cb9e3-512x512.jpeg img.gamedistribution.com/	114 KB 114 KB	899ms 875ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/0de19049f7384b21beb369da6c6cb9e3-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash a632c24f3111f9a0be7f65eec7898f68ce004ed1dcc2efcc8d7d1dbfdc5e2ed9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "f43cd259fd6db5fdd6a1845b241c273c" x-amz-version-id null via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1640957694000 x-cache Miss from cloudfront content-length 116695 x-amz-cf-id zEd6N-R6I-fgiyNT4--9fDrG9FoXSximDoPXt9xppWLC4tJZLeWEfQ== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:18:26 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	2e40467bc4764fcbab16ebb26aa85522-512x512.jpeg img.gamedistribution.com/	44 KB 44 KB	503ms 480ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/2e40467bc4764fcbab16ebb26aa85522-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 5f60b4225f8f5c61ec9c60dd5f93e64dfd7de7c152d4d99be10eb16b875cf66d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "4c8a631819bf2599cc30734b16e84b9d" x-amz-version-id null age 46483 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1605687333000 x-cache Hit from cloudfront content-length 44874 x-amz-cf-id 3PtOhTMnXxnmjuGtNOokBwJx9-5ozme5frAQnjbLZOECvma9EpJw4w== date Fri, 06 Dec 2024 06:40:45 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:17:41 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	6dfa80eaf3ad46bb95dc18f2983c240d-512x512.jpeg img.gamedistribution.com/	37 KB 38 KB	591ms 568ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/6dfa80eaf3ad46bb95dc18f2983c240d-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 08749665f5a6f5228a0aa8f605d97367578d3fd97fce2e000e799ffef53c75a1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "1f09df1d7b8750d3e76664c8c9bd7ff6" x-amz-version-id null age 5868 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1647209861000 x-cache Hit from cloudfront content-length 38185 x-amz-cf-id f_i9tKKyzVY-mjDGh4eLj0jK6JUCvGMNyYhQtpHnxL7zpHuVfYUdSQ== date Fri, 06 Dec 2024 17:57:40 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:20:35 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	9a24754a054545c7b04b193a4ba68e67-512x512.jpeg img.gamedistribution.com/	85 KB 85 KB	628ms 605ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/9a24754a054545c7b04b193a4ba68e67-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 1f401ca145cd5af0a01ea715123a47c62533aa64fc8d31fce4cabe656d4563cc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "61038a4fec0eb75fee6ed6bd9adca1a0" x-amz-version-id null age 51187 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1614847989000 x-cache Hit from cloudfront content-length 86948 x-amz-cf-id LcnCrOFRh_1Are4PvsYkvVsXnvTBIi3gZxX4SNKvUtHtEgHsHFfQbg== date Fri, 06 Dec 2024 05:22:20 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:21:33 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H2	200	440269579b97436c8273c7e82bece2f0-512x512.jpeg img.gamedistribution.com/	140 KB 141 KB	872ms 849ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/440269579b97436c8273c7e82bece2f0-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 5d5a7ce146731404d2ad6cac8f0986020c8e17e477d6b66ba8bbbddc8c671597 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers x-amz-version-id null etag "edf707135ccfa54efd57fe1e737f1aab" via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1605215694000 x-cache RefreshHit from cloudfront content-length 143620 x-amz-cf-id GfsalpoS1PY3B2w3Qwo_oZ6qWr182gmFX2Kc5x8CMaeF75n6BFoLaQ== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:19:04 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary accept-encoding, Origin
GET H2	200	6a80275cf438415ebe4552ac1cda7aff-512x512.jpeg img.gamedistribution.com/	119 KB 120 KB	840ms 818ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/6a80275cf438415ebe4552ac1cda7aff-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 6d1791902080052b7f021118c99401fb310ada93a68d44d033f5a498938636f6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers vary accept-encoding, Origin x-amz-version-id mulChQwaHPmB87DV4CW6SkVYEh7FvNTf etag "818f848fc4ae3a05c60acbb18013d526" via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-cache RefreshHit from cloudfront content-length 121995 x-amz-cf-id jJYEhDi5nvagdmHONxP3cHo0siXqlfYGH0LWbmlnbnE6QIwMKQrL5g== date Fri, 06 Dec 2024 19:35:28 GMT content-type image/jpeg last-modified Thu, 03 Aug 2023 22:11:26 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 x-amz-server-side-encryption AES256
GET H2	200	2e3f023e4dd945429cafda09824fe351-512x512.jpeg img.gamedistribution.com/	94 KB 94 KB	627ms 606ms	Image image/jpeg	3.162.125.14 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.gamedistribution.com/2e3f023e4dd945429cafda09824fe351-512x512.jpeg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.125.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-125-14.iad61.r.cloudfront.net Software AmazonS3 / Resource Hash 488cf35960d0e9f7ccbd4498d8661b9d7e2a02b9bfe754a56117ee7dc978bf40 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag "855a4fa0f6b28ac7d9fb54e94f85c8cd" x-amz-version-id null age 10082 via 1.1 ff2d6deff1b50282a21f4b199088c76e.cloudfront.net (CloudFront) accept-ranges bytes x-amz-meta-last-modified 1627022100000 x-cache Hit from cloudfront content-length 95808 x-amz-cf-id wPtDzL37Ws4f5rBG58NJf13wg3ONGrw3zTNl23W-enbFYCWXvGLe_A== date Fri, 06 Dec 2024 16:47:26 GMT content-type image/jpeg last-modified Tue, 23 Aug 2022 09:17:39 GMT server AmazonS3 x-amz-cf-pop IAD61-P3 vary Origin
GET H3	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	123ms 113ms	Script application/javascript	104.16.160.145 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br cf-cache-status HIT etag W/"7e91359b46e1da637080a03b759164fa" age 2910 expires Mon, 09 Dec 2024 19:35:27 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 06 Dec 2024 19:35:27 GMT content-type application/javascript vary Accept-Encoding priority u=3,i=?0 access-control-allow-headers OneSignal-Subscription-Id strict-transport-security max-age=15552000; includeSubDomains cache-control public, max-age=259200 via 1.1 google cf-ray 8edeb81a8ec8fac2-SJC server cloudflare
GET H2	200	category_icon_2.svg www.play4.getcryptotravels.com/images/	14 KB 0	137ms 137ms	Image image/svg+xml	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.play4.getcryptotravels.com/images/category_icon_2.svg Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash a2d7c39312ee92f81173e6dfb69141f9ed85912d3fa69267147275dbe4693649 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "39ff-675290c7-1f8129;br" expires Fri, 13 Dec 2024 19:35:27 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 3905 date Fri, 06 Dec 2024 19:35:27 GMT last-modified Fri, 06 Dec 2024 05:51:03 GMT content-type image/svg+xml vary Accept-Encoding server LiteSpeed
GET H3	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v22/	8 KB 8 KB	339ms 187ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://fonts.googleapis.com/ Response headers age 194015 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 04 Dec 2025 13:41:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 13:41:52 GMT last-modified Wed, 04 Dec 2024 06:53:31 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 8000 x-xss-protection 0 server sffe
GET H3	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v22/	8 KB 8 KB	280ms 128ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://fonts.googleapis.com/ Response headers age 212711 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 04 Dec 2025 08:30:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 08:30:16 GMT last-modified Wed, 04 Dec 2024 06:53:08 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 7884 x-xss-protection 0 server sffe
GET H3	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v22/	8 KB 8 KB	299ms 148ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://fonts.googleapis.com/ Response headers age 189975 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 04 Dec 2025 14:49:12 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 04 Dec 2024 14:49:12 GMT last-modified Wed, 04 Dec 2024 06:54:05 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 7748 x-xss-protection 0 server sffe
GET H3	200	bootstrap-icons.woff2 cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/	118 KB 119 KB	194ms 101ms	Font font/woff2	104.18.187.31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css Response headers access-control-expose-headers * cf-cache-status HIT etag W/"1d9d0-F9rQd2iZrRvq2r0GHDTioiss3nQ" age 720229 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2bbW2E5NIb6vmSukydd45XDdaoyejpsKDhZjl1siz6VPq2QM%2Bx3tAloVlkySfCED5C%2FaXYRNpqQCaS5cHY8fQ62aG%2FHL9TbbSDlB8qTSKnDH5XVFcu4QBi1GsN8JP2fanA%3D"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443"; ma=86400 x-cache HIT, HIT server-timing cfExtPri date Fri, 06 Dec 2024 19:35:27 GMT content-type font/woff2 x-served-by cache-fra-etou8220124-FRA, cache-lga21965-LGA vary Accept-Encoding priority u=0,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8edeb81b4edf6420-SJC accept-ranges bytes access-control-allow-origin * content-length 121296 server cloudflare x-jsd-version 1.10.3
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	92ms 86ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Response headers cf-cdnjs-via cfworker/kv cf-cache-status HIT etag "5eb03e5f-12d68" age 665538 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7CwTfaiKjGiJNidMFvpd0380%2FHpOJOx6Z7k7Tt%2Fl37HLcXsiETbLgGKEzi3bHO%2FnPmBN6%2B4EPxLePI44ZKM%2F%2B9VXHNcTu1xvytNB73U7Ihmucas4OO5GL%2BqHmTNiY5up9zb%2Bp9c"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 26 Nov 2025 19:35:27 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 06 Dec 2024 19:35:27 GMT content-type application/octet-stream; charset=utf-8 last-modified Mon, 04 May 2020 16:10:07 GMT vary Accept-Encoding priority u=0,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8edeb81abc41cedd-SJC accept-ranges bytes access-control-allow-origin * content-length 77160 server cloudflare
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/	497 KB 153 KB	158ms 146ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag 6831530709922679929 age 24478 x-content-type-options nosniff expires Sat, 06 Dec 2025 12:47:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 06 Dec 2024 12:47:29 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 157012 x-xss-protection 0 server cafe
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/	63 KB 22 KB	153ms 148ms	Other text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 4443559573512225521 age 11069 x-content-type-options nosniff expires Sat, 07 Dec 2024 16:30:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 06 Dec 2024 16:30:58 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=86400, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 22952 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202412050101"
GET H2	200	23213423875 Show response fundingchoicesmessages.google.com/i/	196 KB 65 KB	696ms 152ms	Script application/javascript	2607:f8b0:4004:c1f::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/23213423875?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 28b2917356ab5610f020a2ab09bc0b97ad7df983abadc5cbacc09f5f12594e25 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X1hXIQyBEx1zI2glpQMmzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:28 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw1JBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIejYcnZXWwCO_Z-uc6spJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoZGCqZ2ASX2AAAOw5Pb8" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-X1hXIQyBEx1zI2glpQMmzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H2	200	AGSKWxVFoCzLq-ioqLZfc3_vrYoVQwrleV4sAW-HIhubhi0L9WuGuqqa233xjeD0n5icdXtgEiDQdKcsjUTRJZoKWVUauRAl_Uj7EtuPhFRrvF9CUhB3XlrL119PpWR87kOdKZW1jM_qCA== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	188ms 177ms	Script application/javascript	2607:f8b0:4004:c1f::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVFoCzLq-ioqLZfc3_vrYoVQwrleV4sAW-HIhubhi0L9WuGuqqa233xjeD0n5icdXtgEiDQdKcsjUTRJZoKWVUauRAl_Uj7EtuPhFRrvF9CUhB3XlrL119PpWR87kOdKZW1jM_qCA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNTEzNzI5LDUyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucGxheTQuZ2V0Y3J5cHRvdHJhdmVscy5jb20vIixudWxsLFtbOCwiXzlFZHFWNmNIWlUiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::8a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 49196b2ff4a0205e56324a843eef0e4cb7177918f911c81776ed75d236ef17b1 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BW5Jr6zrH3E7JGMYYqp7Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:29 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmII1pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIejccnZXWwCJ_auWsGkpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoZGCqZ2ASX2AAAN_lPWA" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-BW5Jr6zrH3E7JGMYYqp7Zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	topics_frame.html securepubads.g.doubleclick.net/static/topics/ Frame EC49	0 0	1213ms 121ms	Document text/html	142.251.16.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/static/topics/topics_frame.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.156 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f156.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.play4.getcryptotravels.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 2073 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000, stale-while-revalidate=3600 content-encoding br content-length 28994 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 06 Dec 2024 19:00:57 GMT expires Fri, 06 Dec 2024 19:50:57 GMT last-modified Mon, 18 Nov 2024 20:43:40 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	207 KB 20 KB	811ms 795ms	Fetch text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1024237977227583&correlator=1371015316731319&eid=31083345%2C31084129&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=23213423875%2CAds%2Cads_Play4&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=450x280%7C450x250%7C450x400%7C450x400%7C450x50%2C450x280%7C450x215%7C450x50%7C450x400%7C415x250%2C400x280%2C415x250%7C415x600%2C415x250%7C415x600%2C415x250%7C415x600%2C415x250%2C415x250%2C240x400%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733513729574&lmt=1733513729&adxs=-9%2C-9%2C575%2C-9%2C563%2C563%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C732%2C-9%2C140%2C3059%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C-1%7C0%7C1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.play4.getcryptotravels.com%2F&vis=1&psz=0x-1%7C0x-1%7C475x2654%7C0x-1%7C475x3797%7C475x3797%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C451x280%7C0x-1%7C475x250%7C475x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C0%2C2%2C0%2C0%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733513724589&idt=3684&adks=1431508383%2C842300392%2C90316341%2C412051607%2C2180922533%2C3301026467%2C923428263%2C3940776279%2C3693766947%2C1132087846&frm=20&eoidce=1&td=1&egid=43941&tan=e2712de0-8679-4ade-8c61-cc8bce9d1a8e%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a8f%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a90%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a91%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a92%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a93%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a94%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a95%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a96%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a97&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash c811bfc88efcb11bb8d5fe3310c91b471f433eb1acaf9bb0c3cc75580b43b08c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers access-control-expose-headers x-google-amp-ad-validated-version content-encoding dcb google-lineitem-id -2,-2,-1,-1,-1,-2,-2,-2,-2,-2 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 06 Dec 2024 19:35:30 GMT content-type text/plain; charset=UTF-8 google-creative-id -2,-2,-1,-1,-1,-2,-2,-2,-2,-2 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://www.play4.getcryptotravels.com content-length 20236 x-xss-protection 0 server cafe
GET H2	200	container.html 7cb5e89398988bd3d8b62611c9d923ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7107	0 0	1404ms 122ms	Document text/html	2607:f8b0:4004:c17::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://7cb5e89398988bd3d8b62611c9d923ca.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.play4.getcryptotravels.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 06 Dec 2024 19:35:31 GMT expires Fri, 06 Dec 2024 19:35:31 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	contentmobilead. Show response fundingchoicesmessages.google.com/f/AGSKWxU5eCZzkR41qjxrXhYTa4G2MHv80re5FRfh2udj0CnSsKZgBjSZclbexL88jXTn1633rvZJyrrSJN0Jz6JuNI-1YOjIss9qNo8LpJZ4S9SYEI_3JV6FMgmzeWT9LnZInGLluilGNj1SgIXf-QTI_t1FRp3vZ...	54 B 109 B	148ms 144ms	Script application/javascript	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxU5eCZzkR41qjxrXhYTa4G2MHv80re5FRfh2udj0CnSsKZgBjSZclbexL88jXTn1633rvZJyrrSJN0Jz6JuNI-1YOjIss9qNo8LpJZ4S9SYEI_3JV6FMgmzeWT9LnZInGLluilGNj1SgIXf-QTI_t1FRp3vZSP9nJKcOmHQtN7tI4bPmlkThQTlU9E6/_-468-60./ads_google./468x60.-your-ads-here./contentmobilead. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzSDLaO-HT6nbB3RY9t6_2n3xR0NQ/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash 8a37445c5787a69590db88943aa59607ee992bda9e721e5ad67e74e4d33c8d1a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-0fnSl0cGgYYPGTVLc1dqkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:30 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIejacnZXWwCDRPbbzEqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGZjqGZjEFxgAAMpcPPY" content-security-policy script-src 'report-sample' 'nonce-0fnSl0cGgYYPGTVLc1dqkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	google_top_exp.js Show response pagead2.googlesyndication.com/pagead/js/	47 B 67 B	763ms 126ms	Script text/javascript	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzSDLaO-HT6nbB3RY9t6_2n3xR0NQ/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag 13036835877489095579 age 15517 x-content-type-options nosniff expires Fri, 20 Dec 2024 15:16:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Fri, 06 Dec 2024 15:16:54 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 42 x-xss-protection 0 server cafe
POST H3	204	AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	264ms 141ms	XHR text/html	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mq8M-SohYanB6dUGZ3w3tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.play4.getcryptotravels.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:30 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1pBicEqfwRoCxAxfr7ByALEQD0fTkrO72AQmvLg5kUnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAABHXJiI" content-security-policy script-src 'report-sample' 'nonce-mq8M-SohYanB6dUGZ3w3tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://www.play4.getcryptotravels.com content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	147ms 146ms	XHR text/html	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mB-8llGwgbed3NOloGT7nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.play4.getcryptotravels.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:30 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBicEqfwRoCxAxfr7ByALEQD0fTkrO72AQOvDi-jlnJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAACWkJmQ" content-security-policy script-src 'report-sample' 'nonce-mB-8llGwgbed3NOloGT7nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://www.play4.getcryptotravels.com content-length 0 x-xss-protection 0 server ESF
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012406252034000/ Frame FD7A	196 KB 56 KB	745ms 121ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 278685d4467e915e1a1ce58a24e15dcdefbd7719acf70a59655361c35f8e273d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "ab8c5e684db96b44" age 94091 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 17:27:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 17:27:20 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 56152 x-xss-protection 0 server sffe
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame FD7A	15 KB 5 KB	1025ms 403ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "de79a6048671db85" age 95885 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 16:57:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 16:57:26 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 5219 x-xss-protection 0 server sffe
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame FD7A	95 KB 28 KB	945ms 323ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "16a9579aec57c4a5" age 73802 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 23:05:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 23:05:29 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 29025 x-xss-protection 0 server sffe
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame FD7A	5 KB 2 KB	1024ms 402ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "b7204740773aee25" age 80139 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 21:19:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 21:19:52 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 1907 x-xss-protection 0 server sffe
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame FD7A	40 KB 13 KB	1005ms 384ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "c65b00eac3dcf073" age 76415 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 22:21:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 22:21:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 12949 x-xss-protection 0 server sffe
GET H2	200	css fonts.googleapis.com/ Frame FD7A	17 KB 2 KB	140ms 134ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1db2ffeec7d561a371b8443e533519bbd8768119ebed38ee8813e8da51bbc589 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 06 Dec 2024 19:35:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 06 Dec 2024 19:03:32 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/616380613712707817/ Frame FD7A	4 KB 5 KB	514ms 116ms	Image image/jpeg	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/616380613712707817/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b73b2cf69b44dea5ec7b7638cdac42770083d7017c5e3571a4ea1474b75a41a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers age 4615 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 18:18:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Fri, 06 Dec 2024 18:18:36 GMT last-modified Thu, 28 Nov 2024 10:13:57 GMT content-type image/jpeg cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 4201 x-xss-protection 0 server sffe
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/2373554871754597790/ Frame FD7A	11 KB 11 KB	636ms 239ms	Image image/jpeg	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2373554871754597790/14763004658117789537?w=400&h=209&tw=1&q=75 Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f0b8fabf430fa6cf1c464ba5ab720882a2dd53aa21ef07076ea801ce34ead39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers age 4615 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 18:18:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Fri, 06 Dec 2024 18:18:36 GMT last-modified Fri, 06 Dec 2024 14:07:24 GMT content-type image/jpeg cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 11258 x-xss-protection 0 server sffe
GET DATA	200 OK	truncated / Frame FD7A	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6feb7cbe183c3ebfa0b9b3b6a812ee0212eabefcc133b506fdea82672dfba3e0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012406252034000/ Frame B378	196 KB 0	667ms 667ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 278685d4467e915e1a1ce58a24e15dcdefbd7719acf70a59655361c35f8e273d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "ab8c5e684db96b44" age 94091 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 17:27:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 17:27:20 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 56152 x-xss-protection 0 server sffe
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame B378	15 KB 0	395ms 395ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fa843245814c185e1139a54052cf819ea23a33ac393d90f3525958116681e8be Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "de79a6048671db85" age 95885 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 16:57:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 16:57:26 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 5219 x-xss-protection 0 server sffe
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame B378	95 KB 0	315ms 315ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7442d5ba404c482128280bb0416c3d62c8d06868594c1a23892b06df1ee2983a Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "16a9579aec57c4a5" age 73802 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 23:05:29 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 23:05:29 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 29025 x-xss-protection 0 server sffe
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame B378	5 KB 0	394ms 394ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4a66f520e5a1676afa712f63b38fec877047301b208e1d2df15fd94d16a2435 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "b7204740773aee25" age 80139 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 21:19:52 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 21:19:52 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 1907 x-xss-protection 0 server sffe
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012406252034000/v0/ Frame B378	40 KB 0	376ms 376ms	Script text/javascript	2607:f8b0:4004:c1b::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012406252034000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e284c175ea1cd1866d5d88171f3ca5fcad2b370093f0ae7891c152827a12dd0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding br etag "c65b00eac3dcf073" age 76415 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 22:21:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 22:21:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 12949 x-xss-protection 0 server sffe
GET H2	200	css fonts.googleapis.com/ Frame B378	7 KB 827 B	158ms 135ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fe53b72de605eaeaa413bd918760961ddf0d8557891ca23e74b3ad6785b733cc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 06 Dec 2024 19:35:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 06 Dec 2024 19:00:55 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/2373554871754597790/ Frame B378	17 KB 17 KB	450ms 131ms	Image image/jpeg	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2373554871754597790/14763004658117789537 Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash be39006c6c340d89aab19a4651023c5a5c5a0ace919aa84bc0dcac9656d1edc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers age 11163 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 16:29:28 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Fri, 06 Dec 2024 16:29:28 GMT last-modified Fri, 06 Dec 2024 14:07:24 GMT content-type image/jpeg cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 17614 x-xss-protection 0 server sffe
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/616380613712707817/ Frame B378	4 KB 0	440ms 440ms	Image image/jpeg	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/616380613712707817/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b73b2cf69b44dea5ec7b7638cdac42770083d7017c5e3571a4ea1474b75a41a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers age 4615 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 18:18:36 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Fri, 06 Dec 2024 18:18:36 GMT last-modified Thu, 28 Nov 2024 10:13:57 GMT content-type image/jpeg cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 4201 x-xss-protection 0 server sffe
GET DATA	200 OK	truncated / Frame B378	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 64cf421502eaaf7c99d9f309b3606dbe668ca7679abae0e19e16c6d08f245b81 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FD7A	2 KB 3 KB	524ms 264ms	Image image/png	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 14819457070020093239 age 22820 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Sat, 07 Dec 2024 13:15:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2502 x-xss-protection 0 date Fri, 06 Dec 2024 13:15:11 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FD7A	295 B 532 B	389ms 130ms	Image image/png	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 426692510519060060 age 82439 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 06 Dec 2024 20:41:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 295 x-xss-protection 0 date Thu, 05 Dec 2024 20:41:32 GMT content-type image/png vary Accept-Encoding server cafe
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame FD7A Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=C741DAVJTZ9CnL5etqMwPorL-yAuy9Yz9e8SDkOH6Es79h5-tCRABIMfY1qUBYMme9oaAgKAZoAHGyuCOPsgBAeACAKgDAcgDCqoEvQJP0MEHTCttM7t0oJFrqkFRbCzXOuwkRCIASmvE... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3cadcc6aac79e980000000000000000%22,%222%22:%220xc230da553896a1c70000000000000000%22,%223%22:%220xac64f5f...	0 20 B	316ms 135ms	Image text/css	142.251.167.157 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3cadcc6aac79e980000000000000000%22,%222%22:%220xc230da553896a1c70000000000000000%22,%223%22:%220xac64f5f8c85d0a470000000000000000%22,%224%22:%220x74ad1c9426e69b6e0000000000000000%22,%225%22:%220xaa0d091497695d410000000000000000%22},%22debug_key%22:%2216682452188460453781%22,%22debug_reporting%22:true,%22destination%22:%22https://blingenvy.site%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216673940806%22],%2222%22:[%22true%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211098033023764329889%22}&andc=true Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H3 Server 142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f157.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control private timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 06 Dec 2024 19:35:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 06 Dec 2024 19:35:31 GMT x-xss-protection 0 attribution-reporting-register-source {"aggregation_keys":{"1":"0x3cadcc6aac79e980000000000000000","2":"0xc230da553896a1c70000000000000000","3":"0xac64f5f8c85d0a470000000000000000","4":"0x74ad1c9426e69b6e0000000000000000","5":"0xaa0d091497695d410000000000000000"},"debug_key":"16682452188460453781","debug_reporting":true,"destination":"https://blingenvy.site","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16673940806"],"22":["true"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"11098033023764329889"} content-type text/css; charset=UTF-8 server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3cadcc6aac79e980000000000000000","2":"0xc230da553896a1c70000000000000000","3":"0xac64f5f8c85d0a470000000000000000","4":"0x74ad1c9426e69b6e0000000000000000","5":"0xaa0d091497695d410000000000000000"},"debug_key":"16682452188460453781","debug_reporting":true,"destination":"https://blingenvy.site","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16673940806"],"22":["true"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"11098033023764329889"}&andc=true cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Fri, 06 Dec 2024 19:35:31 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H2	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame B378	2 KB 0	393ms 386ms	Image image/png	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 14819457070020093239 age 22820 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Sat, 07 Dec 2024 13:15:11 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2502 x-xss-protection 0 date Fri, 06 Dec 2024 13:15:11 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame B378	295 B 0	244ms 244ms	Image image/png	2607:f8b0:4004:c09::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 426692510519060060 age 82439 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 06 Dec 2024 20:41:32 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 295 x-xss-protection 0 date Thu, 05 Dec 2024 20:41:32 GMT content-type image/png vary Accept-Encoding server cafe
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame B378 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=CfBm_AVJTZ9KnL5etqMwPorL-yAuy9Yz9e8SDkOH6Es79h5-tCRABIMfY1qUBYMme9oaAgKAZoAHGyuCOPsgBCeACAKgDAcgDCqoEwwJP0LEvNw1FnwIFntfTL_OaO_EznkJtRi2HFn3Z... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3cadcc6aac79e980000000000000000%22,%222%22:%220xc230da553896a1c70000000000000000%22,%223%22:%220xac64f5f...	0 20 B	313ms 133ms	Image text/css	142.251.167.157 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3cadcc6aac79e980000000000000000%22,%222%22:%220xc230da553896a1c70000000000000000%22,%223%22:%220xac64f5f8c85d0a470000000000000000%22,%224%22:%220x74ad1c9426e69b6e0000000000000000%22,%225%22:%220xaa0d091497695d410000000000000000%22},%22debug_key%22:%222023256011396606055%22,%22debug_reporting%22:true,%22destination%22:%22https://blingenvy.site%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2216673940806%22],%2222%22:[%22true%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215807129487402072385%22}&andc=true Requested by Host: www.play4.getcryptotravels.com URL: https://www.play4.getcryptotravels.com/ Protocol H3 Server 142.251.167.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f157.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control private timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 06 Dec 2024 19:35:31 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 06 Dec 2024 19:35:31 GMT x-xss-protection 0 attribution-reporting-register-source {"aggregation_keys":{"1":"0x3cadcc6aac79e980000000000000000","2":"0xc230da553896a1c70000000000000000","3":"0xac64f5f8c85d0a470000000000000000","4":"0x74ad1c9426e69b6e0000000000000000","5":"0xaa0d091497695d410000000000000000"},"debug_key":"2023256011396606055","debug_reporting":true,"destination":"https://blingenvy.site","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16673940806"],"22":["true"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"15807129487402072385"} content-type text/css; charset=UTF-8 server cafe Redirect headers content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3cadcc6aac79e980000000000000000","2":"0xc230da553896a1c70000000000000000","3":"0xac64f5f8c85d0a470000000000000000","4":"0x74ad1c9426e69b6e0000000000000000","5":"0xaa0d091497695d410000000000000000"},"debug_key":"2023256011396606055","debug_reporting":true,"destination":"https://blingenvy.site","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["16673940806"],"22":["true"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"15807129487402072385"}&andc=true cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Fri, 06 Dec 2024 19:35:31 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	2 KB 617 B	1274ms 1270ms	Fetch text/plain	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1024237977227583&correlator=1371015316731319&eid=31083345%2C31084129&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=23213423875%2CAds%2Cgetcryptotravels&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F1&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1&ifi=11&sfv=1-0-40&ists=4&fas=2%2C8%2C4%2C3&fsapi=4&sc=1&cookie=ID%3Defc0f3758642b018%3AT%3D1733513729%3ART%3D1733513729%3AS%3DALNI_MakHcfGOrwmRN9VVYKNzuRKUyWhsw&gpic=UID%3D00000fa9b2a141c9%3AT%3D1733513729%3ART%3D1733513729%3AS%3DALNI_MYzGyLBrlEHqAAJGQYX_5yt4VjM7g&abxe=1&dt=1733513731166&lmt=1733513731&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1&ucis=b%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.play4.getcryptotravels.com%2F&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733513724589&idt=3684&adks=1645824657%2C1645824658%2C4036839990%2C1645824659&frm=20&is_cau=1%2C1%2C1%2C1&no_cau_info=1&plas=%7C%7C500x1080_r%7C500x1080_l&eo_id_str=ID%3D2ff0eb067cb08854%3AT%3D1733513729%3ART%3D1733513729%3AS%3DAA-Afja921jz1XsBoxneHLDqeozA&td=1&egid=43941&tan=e2712de0-8679-4ade-8c61-cc8bce9d1a98%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a99%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a9a%2Ce2712de0-8679-4ade-8c61-cc8bce9d1a9b&tdf=2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 0d7b48064637f58c757423b0b7c813262d8f3f6ec580af9bd4a8c5b7c62997fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding dcb google-lineitem-id -2,-2,-2,-2 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2,-2,-2,-2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 06 Dec 2024 19:35:32 GMT content-type text/plain; charset=UTF-8 google-creative-id -2,-2,-2,-2 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://www.play4.getcryptotravels.com content-length 585 x-xss-protection 0 server cafe
GET H3	200	pubads_impl_page_level_ads.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/	49 KB 50 KB	144ms 143ms	Script text/javascript	142.251.16.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl_page_level_ads.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.157 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f157.1e100.net Software cafe / Resource Hash 7c87e4021dd37e0942d8224a0eea1e44d0b2901220e55675a3ad86dd6bbcb9cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers etag 4711729110921537043 age 26708 x-content-type-options nosniff expires Sat, 06 Dec 2025 12:10:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 06 Dec 2024 12:10:23 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=ISO-8859-1 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 50666 x-xss-protection 0 server cafe
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/ Frame FD7A	47 KB 47 KB	125ms 124ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7COpen%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://fonts.googleapis.com/ Response headers age 58687 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 03:17:24 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 03:17:24 GMT last-modified Thu, 14 Dec 2023 02:08:40 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48236 x-xss-protection 0 server sffe
POST H3	204	AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	167ms 149ms	XHR text/html	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-fGUGe93ACP5NZcPNbOePBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.play4.getcryptotravels.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BicEqfwRoCxAxfr7ByALEQD0fzkrO72AQOXJzez6jkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDEz1DMzjCwwACskmAw" content-security-policy script-src 'report-sample' 'nonce-fGUGe93ACP5NZcPNbOePBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://www.play4.getcryptotravels.com content-length 0 x-xss-protection 0 server ESF
POST H3	204	AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	183ms 167ms	XHR text/html	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s2b7YYdwWJwtwCW1WIMs1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.play4.getcryptotravels.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1ZBicEqfwRoCxAxfr7ByALEQD0fzkrO72AROzOmcwKjkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAyNDEz1DMzjCwwA9folvw" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-s2b7YYdwWJwtwCW1WIMs1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://www.play4.getcryptotravels.com content-length 0 x-xss-protection 0 server ESF
GET H3	200	AGSKWxUSKnBqCLU-97Nh9yByu4H2rkP3_5a9VT2r1lFGu4rBi8JcSRrXAEXnO7DldDdrJTydiwTWaIpxue9qyuCLv1gEFYOxNXjiteKiIHDBMiTHxuDCbKZXkZiifcJ9R-wIJdBZj01afw== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	183ms 173ms	Script application/javascript	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUSKnBqCLU-97Nh9yByu4H2rkP3_5a9VT2r1lFGu4rBi8JcSRrXAEXnO7DldDdrJTydiwTWaIpxue9qyuCLv1gEFYOxNXjiteKiIHDBMiTHxuDCbKZXkZiifcJ9R-wIJdBZj01afw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNTEzNzMxLDIxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnBsYXk0LmdldGNyeXB0b3RyYXZlbHMuY29tLyIsbnVsbCxbWzgsIl85RWRxVjZjSFpVIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash 2b3f63583002ed21d9d6e3567c88d0d921e75fe6d87a27816efa56e698b96074 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YooMZqTx3-gnr-YdJH6xfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw15BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIejecnZXWwCG-Yum8qopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJoZGCqZ2ASX2AAAMsUPQY" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-YooMZqTx3-gnr-YdJH6xfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v32/ Frame B378	18 KB 18 KB	144ms 132ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://fonts.googleapis.com/ Response headers age 53704 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 06 Dec 2025 04:40:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 04:40:27 GMT last-modified Thu, 01 Aug 2024 20:41:21 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18596 x-xss-protection 0 server sffe
GET H3	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v32/ Frame B378	18 KB 18 KB	197ms 185ms	Font font/woff2	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software sffe / Resource Hash 4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://www.play4.getcryptotravels.com Referer https://fonts.googleapis.com/ Response headers age 95829 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 16:58:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 05 Dec 2024 16:58:22 GMT last-modified Thu, 01 Aug 2024 20:41:19 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18492 x-xss-protection 0 server sffe
POST H3	204	AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Show response fundingchoicesmessages.google.com/el/	0 28 B	156ms 141ms	XHR text/html	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX8dVjIk1s6OlhEPCQ84Ky8QcnodgUcd5jQ1Q5TMCffaxXtliEZJ1JaRdWOT-e3l16EpyWT0RYs15N-eYAPg3LxNi3Dqsl4gC8YqlB9GilcM1LQJj6DVBZkH0u0Q0S0F6dSaEplMQ== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-G-D--2gBuuzt8CtjAawEwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.play4.getcryptotravels.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII1pBicEqfwRoCxAxfr7ByALEQD0fzkrO72AR2vJ32nVHJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAAC8gJoI" content-security-policy script-src 'report-sample' 'nonce-G-D--2gBuuzt8CtjAawEwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://www.play4.getcryptotravels.com content-length 0 x-xss-protection 0 server ESF
GET H3	200	AGSKWxUsyhj3upTv37aANqkw_0DgdHWc-v7riK0WKFeGCAjLz47YCCKUTGHYgnkwTXV8aUjfBlKEdWvFpupoegYy-gYrXjGlCZgTy5OkGqf8j7Hwenrfr0xggQChJehgf9DYYx_YOSLBbw== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	166ms 156ms	Script application/javascript	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUsyhj3upTv37aANqkw_0DgdHWc-v7riK0WKFeGCAjLz47YCCKUTGHYgnkwTXV8aUjfBlKEdWvFpupoegYy-gYrXjGlCZgTy5OkGqf8j7Hwenrfr0xggQChJehgf9DYYx_YOSLBbw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzNTEzNzMxLDQzMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LnBsYXk0LmdldGNyeXB0b3RyYXZlbHMuY29tLyIsbnVsbCxbWzgsIl85RWRxVjZjSFpVIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXSxbMiwiW251bGwsW251bGwsMSxbMTczMzUxMzczMSwzMDQ2MTgwMDBdXV0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash 85dfe96fac6bcf929956d39dcb78d03ca58ac3ff4260443c351813d96cced103 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ah9r8hRKy3aPX3PZOmYCIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0pBikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgNlS4xOoMxI5Fl1g9gVi15xKrORDfX3eJ9TkQzzh_mXUBEBdJXGFtAWKGr1dYOYBYiIejecnZXWwCHb9a_zIqaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRgaGZjqGZjEFxgAAOJBPYU" content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ah9r8hRKy3aPX3PZOmYCIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist cache-control no-cache, no-store, max-age=0, must-revalidate timing-allow-origin * cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy cross-origin permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* x-xss-protection 0 server ESF
POST H3	204	AGSKWxWpHFHBDeiTfjrO-Hy_Syt3TwB1F_I3IVbDyjWX_vnKgTWnhJJbAWJ2bMISKVeOEFQaxLpMPzA3w5-Pu0qCPUfJ4nrS5xd4HoD9UIF2-OtywRyPuWU-L1_g_GaqQGWDSFTLDrliuw== Show response fundingchoicesmessages.google.com/el/	0 28 B	158ms 146ms	XHR text/html	142.251.179.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWpHFHBDeiTfjrO-Hy_Syt3TwB1F_I3IVbDyjWX_vnKgTWnhJJbAWJ2bMISKVeOEFQaxLpMPzA3w5-Pu0qCPUfJ4nrS5xd4HoD9UIF2-OtywRyPuWU-L1_g_GaqQGWDSFTLDrliuw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._9EdqV6cHZU.es5.O/am=DAY/d=1/rs=AJlcJMw0FmpIlG1Kd0r2k86hMU8_AAENdw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.139 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f139.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-VCa-dGvhi7n3eXkN-kIHdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.play4.getcryptotravels.com/ Response headers access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 06 Dec 2024 19:35:31 GMT content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBicEqfwRoCxAxfr7ByALEQD0fzkrO72AQufN5wjknJJSm_MD45P68kNa9ENzGlWBfELspMKi3JL0Jhp5aBVOTkp6dn5qXHGxkYmRgaGZjqGZjHFxgAAC31JoM" content-security-policy script-src 'report-sample' 'nonce-VCa-dGvhi7n3eXkN-kIHdg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-opener-policy same-origin pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=* access-control-allow-origin https://www.play4.getcryptotravels.com content-length 0 x-xss-protection 0 server ESF
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	17 KB 13 KB	367ms 139ms	XHR application/json	142.251.163.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f154.1e100.net Software cafe / Resource Hash d96086b6de5c615c0f738588a5306a58a79cf51d061bbf1def4ee2c6fe1515f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 12908 date Fri, 06 Dec 2024 19:35:32 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	favicon.ico www.play4.getcryptotravels.com/images/	15 KB 3 KB	118ms 117ms	Other image/x-icon	52.5.109.247 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.play4.getcryptotravels.com/images/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.5.109.247 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-5-109-247.compute-1.amazonaws.com Software LiteSpeed / Resource Hash da5ddcc5a3acc179279ad86c8d6b91317fe87100df97ffad8482996ebf2022b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control public, max-age=604800 content-encoding br etag "3a5e-675290c7-1f8127;br" expires Fri, 13 Dec 2024 19:35:32 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 2524 date Fri, 06 Dec 2024 19:35:32 GMT last-modified Fri, 06 Dec 2024 05:51:03 GMT content-type image/x-icon vary Accept-Encoding server LiteSpeed
GET		view securepubads.g.doubleclick.net/btr/ Frame FD7A	0 0
GET		view securepubads.g.doubleclick.net/btr/ Frame B378	0 0
GET		sodar2.js ep2.adtrafficquality.google/sodar/	0 0
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame B378	42 B 65 B	132ms 131ms	Image image/gif	142.250.31.155 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2jjlwWq-YOeoUbNg-S3JvL9rDTO1Yzmyahryyc-KXsdANx8Vb64Q2b2hfZlu4Th4kDAJ-C8eh_WaTdHFmYtSawOp8LyVytbyODEMBZdlh_TRh9E4klzIo-Qhvc3regT9hKMvtOZocp31Qxkn5QarE7yV0ZwCj6Pz1pHBVTUOjuh7NaWjjIo7rQGWIOVYcFDyAlQ&sai=AMfl-YT7cQm1PvlBVLMw_2m_26r-NkO4e7ZmZq5Mkj6fRhegQjWLanFRZ51FWoUBqrPS5DhvB_embU01bz3W18Gt4HLTZd2PkyyuUB9oY4gzl82ZStwhsxDRGge--7Oz1yAgXaA61X2mg6JlhlRZQJY-yg&sig=Cg0ArKJSzIyJJKcFRP_7EAE&cid=CAQSTwCa7L7dRLWaRcgXIRkC78vbkBciybg05yEcsYlPD7t8c4iy0kSirPlptM4FbxMsB9pGV3ljahhbqlb7f6UP17h_Uz8pUBrJUwKJhYKAShEYAQ&id=ampim&o=563,140&d=415,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=1132&tls=2132&g=100&h=100&tt=2132&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.31.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bj-in-f155.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://www.play4.getcryptotravels.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 06 Dec 2024 19:35:33 GMT x-xss-protection 0 content-type image/gif server cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/btr/view?ai=C741DAVJTZ9CnL5etqMwPorL-yAuy9Yz9e8SDkOH6Es79h5-tCRABIMfY1qUBYMme9oaAgKAZoAHGyuCOPsgBAeACAKgDAcgDCqoEvQJP0MEHTCttM7t0oJFrqkFRbCzXOuwkRCIASmvEbG91JRksHE6bfH1NpaZyeNYwwd1AUmB8MtKhfmhAb4dH_klIaSAUx2H1lv577bg48T2ELUu47BK1JKFty-P0GaqN4cjXQk6DcJEdZH4MtBAM0jfxcvjgzDyOyMqYWP_h5TU6C2yIDi6iGTlS9FB-Mh_WGRZywW6J_Xqy6T0Xlid8fD8-i6VyWfwNtJkeqQt5k9AHwb8nVWfUp9FLHgsX5UAsWBSVg8i7m6fvOTSArfCC_OyrYXlta8xL-klBQktxPdz28Dbsn37HjozYjDUsH-7gulxwONX_kl_5hNIIJAIvo6sCw91Xw2ICN0p8J1Iz1qxJuMDmqcMVIRoY0D0CT_c_hNkngriegcWFVNP5igXNhcF8QCmlIqBuixezH9RIn8AEjNCP6oUF4AQBiAWbjuf5UZIFBAgEGAGSBQQIBRgEoAYugAfGgrHuGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQpesw0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYmfLL8PGTigOaCSRodHRwczovL2JsaW5nZW52eS5zaXRlLz9nYWRfc291cmNlPTWACgPICwHaDBEKCxDQw8v00a2ylcgBEgIBA-INEwicx8zw8ZOKAxWXFooDHSKZH7nqDRMIl7vN8PGTigMVlxaKAx0imR-52BMC0BUBgBcBshchCh0IABIUcHViLTU3MzA4NjU0MDEzNDA5NDAYz_iqARgBuhcCOAGyGAkSAsBPGC4iAQDQGAE&sigh=7TQHIUnvBnM&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTwCa7L7dRLWaRcgXIRkC78vbkBciybg05yEcsYlPD7t8c4iy0kSirPlptM4FbxMsB9pGV3ljahhbqlb7f6UP17h_Uz8pUBrJUwKJhYKAShEYAQ&template_id=5021&ibtr=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/btr/view?ai=CfBm_AVJTZ9KnL5etqMwPorL-yAuy9Yz9e8SDkOH6Es79h5-tCRABIMfY1qUBYMme9oaAgKAZoAHGyuCOPsgBCeACAKgDAcgDCqoEwwJP0LEvNw1FnwIFntfTL_OaO_EznkJtRi2HFn3Zamvff3E2GjFm6qj8vZqXJz9RZ70oOk9p2ok6wVlm6fLjC1JQ0yTfkuqaFbqiPpYQI0_xQSxWfcB9Yw7RiVmfCPMOsI66IVJ-Z_1AD-3wEzAkeSQoUrI5N9KkYxhEEE7C8w7HX6H6GB6bjU19KdKhD1zalg2UQezGFhQY4mPtRMnaiY9Z4N7GvW6Q3bsHsvXnXsa8a-U9JlyiWKcoSreUk2CsdexFjITkwl0NPIW0xuMIoqQj-R5OIoAY-YZOIy3cnj1s2-QEPHVjgnCgLY3lmU4GjvT9wGAQwUSUws6UV48rGdNqXb99wve-iUKtHo3I2tBlyb0x-QrPKu8RnuVEJfcBX87qBdlc1UHWwM6vTS4JLovwZ3OwK2bg2k7CnjcRTM4v6xasPMAEjNCP6oUF4AQBiAWbjuf5UZIFBAgEGAGSBQQIBRgEoAYugAfGgrHuGKgH1ckbqAfZtrECqAemvhuoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwDyBwQQ97xm0ggmCIBhEAEYHTICigI6C4BAgMCAgICgqIACSL39wTpYmfLL8PGTigOaCSRodHRwczovL2JsaW5nZW52eS5zaXRlLz9nYWRfc291cmNlPTWACgPICwHaDBEKCxCgpIvo14yr2sUBEgIBA-INEwiex8zw8ZOKAxWXFooDHSKZH7nqDRMImbvN8PGTigMVlxaKAx0imR-5uBPkA9gTAtAVAYAXAbIXIQodCAASFHB1Yi01NzMwODY1NDAxMzQwOTQwGM_4qgEYAboXAjgBshgJEgLATxguIgEA0BgB&sigh=ecOQlnF2xhM&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSTwCa7L7dRLWaRcgXIRkC78vbkBciybg05yEcsYlPD7t8c4iy0kSirPlptM4FbxMsB9pGV3ljahhbqlb7f6UP17h_Uz8pUBrJUwKJhYKAShEYAQ&template_id=484&ibtr=1

Domain

ep2.adtrafficquality.google

URL

https://ep2.adtrafficquality.google/sodar/sodar2.js