wheel-of-names-firebase.firebaseapp.com Open in urlscan Pro
151.101.65.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wheel-of-names-firebase.firebaseapp.com/
Effective URL:
https://wheel-of-names-firebase.firebaseapp.com/
Submission: On July 17 via manual (July 17th 2020, 3:47:00 am UTC) from US

Summary HTTP 74 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 8 countries across 20 domains to perform 74 HTTP transactions. The main IP is 151.101.65.195, located in United States and belongs to FASTLY, US. The main domain is wheel-of-names-firebase.firebaseapp.com.
TLS certificate: Issued by GTS CA 1O1 on October 28th 2019. Valid for: a year.

This is the only time wheel-of-names-firebase.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:6502	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
5	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	35.190.77.178 35.190.77.178	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8620	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700:e4:... 2606:4700:e4::ac40:a71e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	85.206.143.247 85.206.143.247	43811 (TELIA-LIE...) (TELIA-LIETUVA)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
74	26

9 151.101.65.195 (United States) 1 redirects

ASN54113 (FASTLY, US)

wheel-of-names-firebase.firebaseapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6502 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-ingest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.77.178 (Mountain View, United States)

ASN15169 (GOOGLE, US)

cloud.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8620 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:a71e (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4462d299475ef4aba69e1f057f30a0da.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.206.143.247 (Kaunas, Lithuania)

ASN43811 (TELIA-LIETUVA, LT)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 4462d299475ef4aba69e1f057f30a0da.safeframe.googlesyndication.com	284 KB
9	firebaseapp.com 1 redirects wheel-of-names-firebase.firebaseapp.com	307 KB
8	doubleclick.net googleads.g.doubleclick.net pubads.g.doubleclick.net securepubads.g.doubleclick.net	106 KB
5	googletagservices.com www.googletagservices.com	124 KB
4	google.com apis.google.com adservice.google.com	6 KB
3	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	2 KB
3	setupad.com cloud.setupad.com node.setupad.com	197 KB
3	google.de adservice.google.de	652 B
3	fontawesome.com use.fontawesome.com	106 KB
2	criteo.net static.criteo.net	44 KB
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	286 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	adform.net adx.adform.net cm.adform.net	571 B
2	setupad.net prebid-stag.setupad.net	960 B
2	4dex.io script.4dex.io	20 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	creativecdn.com prebid-eu.creativecdn.com	193 B
1	gstatic.com fonts.gstatic.com	17 KB
1	lr-ingest.io cdn.lr-ingest.io	121 KB
1	googleapis.com fonts.googleapis.com	541 B
74	20

	Domain	Requested by
11	pagead2.googlesyndication.com	wheel-of-names-firebase.firebaseapp.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
9	wheel-of-names-firebase.firebaseapp.com	1 redirects wheel-of-names-firebase.firebaseapp.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
5	www.googletagservices.com	pagead2.googlesyndication.com wheel-of-names-firebase.firebaseapp.com securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net wheel-of-names-firebase.firebaseapp.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com www.googletagservices.com
3	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
3	use.fontawesome.com	wheel-of-names-firebase.firebaseapp.com
2	static.criteo.net	cloud.setupad.com static.criteo.net
2	prebid-stag.setupad.net	cloud.setupad.com
2	script.4dex.io	cloud.setupad.com script.4dex.io
2	cloud.setupad.com	wheel-of-names-firebase.firebaseapp.com
2	www.google-analytics.com	wheel-of-names-firebase.firebaseapp.com
1	acdn.adnxs.com	cloud.setupad.com
1	node.setupad.com	wheel-of-names-firebase.firebaseapp.com
1	4462d299475ef4aba69e1f057f30a0da.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cm.adform.net	wheel-of-names-firebase.firebaseapp.com
1	eus.rubiconproject.com	wheel-of-names-firebase.firebaseapp.com
1	secure-assets.rubiconproject.com	1 redirects
1	bidder.criteo.com	cloud.setupad.com
1	prebid-eu.creativecdn.com	cloud.setupad.com
1	ib.adnxs.com	cloud.setupad.com
1	adx.adform.net	cloud.setupad.com
1	mug.criteo.com	wheel-of-names-firebase.firebaseapp.com
1	gum.criteo.com	1 redirects
1	pubads.g.doubleclick.net	wheel-of-names-firebase.firebaseapp.com
1	fonts.gstatic.com	wheel-of-names-firebase.firebaseapp.com
1	cdn.lr-ingest.io	wheel-of-names-firebase.firebaseapp.com
1	apis.google.com	wheel-of-names-firebase.firebaseapp.com
1	fonts.googleapis.com	wheel-of-names-firebase.firebaseapp.com
74	31

This site contains links to these domains. Also see Links.

Domain
docs.google.com
en.wikipedia.org

Subject Issuer	Validity	Valid
firebaseapp.com GTS CA 1O1	`2019-10-28` - `2020-10-26`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
cloud.setupad.com GTS CA 1D2	`2020-06-02` - `2020-08-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-30` - `2020-09-22`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh
node.setupad.com Let's Encrypt Authority X3	`2020-05-23` - `2020-08-21`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://wheel-of-names-firebase.firebaseapp.com/
Frame ID: 53EA26737CE9BEF50A9D2DA04B01B1B7
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html
Frame ID: D326E19466C361A129536D7A2415BE27
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7328928711756780&output=html&adk=1812271804&adf=3025194257&lmt=1594916100&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594957601374&bpp=18&bdt=97&idt=56&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7916138179572&frm=20&pv=2&ga_vid=126792998.1594957601&ga_sid=1594957601&ga_hid=1398747240&ga_fc=0&iag=0&icsg=2216&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066716&oid=3&pvsid=57887485796295&pem=537&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=73
Frame ID: 883022988FD6507CFCC0B94631DE835F
Requests: 1 HTTP requests in this frame

Frame: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Frame ID: ADC0374EBCCB88A5457675A854B1E6B5
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 9A81FDCDD67291EA3C18C2CA08B5B745
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 739D6DF5EB559D7D9B061A660414E72A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssERO0-GkeZ1QoLtAwdOKiEdraBwfsDSd4IMqxYfVgYfALtHsZrYJTOQm0hkWLYGXxdISKC-2pwBNv_YKJPUUrdyrvWAbget7AEgytCVwDLqdqudCLl09-e7_3bg9LtSWMLOj1D_K98d8jXvD_JgTBSe0yjPMEDSR5s7jpRg-93Mh3ybghrpTSnwWByN-5adrIUANdbXMAYFy-wOk9QmFmSBj5c7GATjk9OAZkWfzqud2X_avTSU31KSxoFiGMLUNjS8Tc0EXJvSIUGLXDrm9OtnZhzQ7jZSEgsfiyQ8SgJdE1TzZj9u4JaSBGgmAc_FE1-nn6iHnVRaA&sig=Cg0ArKJSzGJXzZ6GfQRaEAE&urlfix=1&adurl=
Frame ID: C26C755B23A96C0C2A431C2EC7427129
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 6E0899BC290C6792F3A055F7ACD3B3FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970277535528613&output=html&h=250&slotname=4993865012&adk=637360423&adf=660089893&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1594957603913&bpp=6&bdt=76&idt=68&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=7916138179572&frm=23&ife=4&pv=2&ga_vid=1416432532.1594957604&ga_sid=1594957604&ga_hid=715629013&ga_fc=0&iag=63&icsg=682&nhd=3&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=24&ady=66&biw=1600&bih=1200&isw=300&ish=250&ifk=3696241913&scr_x=0&scr_y=0&oid=3&pvsid=4311754214480134&pem=537&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.6g462fjzvmya&fsb=1&dtd=76
Frame ID: 0150B0C6B9CAD0940FDE0E8BB537FF8A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 7259566D46EFF56B7E34C9747AF6AFE7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9D8D52903A092098D9736E975C3650E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wheel-of-names-firebase.firebaseapp.com/ HTTP 301
https://wheel-of-names-firebase.firebaseapp.com/ Page URL

Page Statistics

74
Requests

97 %
HTTPS

54 %
IPv6

20
Domains

31
Subdomains

26
IPs

8
Countries

1354 kB
Transfer

4799 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLSf4uHdyUJVctmMgrmgKFjTzcl9n13r1MfVJpo9IZ_NEVAc6Aw/viewform?entry.1064273724=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36
Title: Feedback

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSdLAmpGSSVJo0-4tsTy0wvdQpwWk-oixWovXHOxaQB5j3O3qg/viewform
Title: Report offensive content

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Fred_Rogers
Title: Mister Rogers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wheel-of-names-firebase.firebaseapp.com/ HTTP 301
https://wheel-of-names-firebase.firebaseapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&domain=wheel-of-names-firebase.firebaseapp.com&gdprString=BO2qzdfO2qzdgAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-yFmsnwyQ25LdkkzTmRHNGs0dHdVdlI4bXY0SG0wV1FNa3dXeEtlY0VWdzJNcXFiQ2hGUUVqSklwUHZmRDR3T291RFhPM2FLdzJUOG1OUndTZG01WVhQNXFYdlpPM3Jpa2wxRlZ0a01OWFFweFo2NW42ZkdUL2htNXVsbWZzcEFVdWpjUWsza29kUm9OZVJRd0lGVnk4aFZ4eURQS0N6SlJoR1NIUlRFN1RrbnBMenhiZ3dpZjBNZ2ZmV0hhSlJkSSswbjlOM2tMN05hS1lIazhMTDBpdHNIOGNPNE9mR2s3cTErd3QzM0t6ZUFaS1JRS2dQYXgyTFBYS2prbG9XTG5TUVZVNDhmZGdsdE4wclNLakI2YWhUL0NCUT09fA&cppv=2

Request Chain 41

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

74 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wheel-of-names-firebase.firebaseapp.com/
Redirect Chain

http://wheel-of-names-firebase.firebaseapp.com/
https://wheel-of-names-firebase.firebaseapp.com/

4 KB
2 KB

426ms
390ms

Document
text/html

151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77bf68141f75296907cb9a0a9f27a76226b655afc901c1cf1506766fbfd99e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: wheel-of-names-firebase.firebaseapp.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "61ac4feca191bcc329a9fe77a4d89132d27b6cde99d9b7a12eaedecaa82860c8"
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Fri, 17 Jul 2020 03:46:41 GMT
x-served-by: cache-ams21077-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1594957601.889035,VS0,VE373
vary: x-fh-requested-host, accept-encoding
content-length: 1862

Redirect headers

Server: Varnish
Retry-After: 0
Location: https://wheel-of-names-firebase.firebaseapp.com/
Content-Length: 0
Accept-Ranges: bytes
Date: Fri, 17 Jul 2020 03:46:40 GMT
Connection: close
X-Served-By: cache-ams21025-AMS
X-Cache: HIT
X-Cache-Hits: 0
X-Timer: S1594957601.834080,VS0,VE0

GET
H2 200 all.css
use.fontawesome.com/releases/v5.13.0/css/ 57 KB
14 KB 23ms
21ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
last-modified: Mon, 23 Mar 2020 16:09:20 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"76cb46c10b6c0293433b371bae2414b2"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
541 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quicksand

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48d4e42d5d0ccee79aeb037dd3ecfe7208da5cc847026ab5d4313ad39e4ee3a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Jul 2020 03:28:51 GMT
server: ESF
date: Fri, 17 Jul 2020 03:46:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Jul 2020 03:46:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 117 KB
42 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42370
x-xss-protection: 0
server: cafe
etag: 15539805577875352861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 03:46:41 GMT

GET
H2 200 vendor.css
wheel-of-names-firebase.firebaseapp.com/css/ 350 KB
41 KB 346ms
344ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/css/vendor.css

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

404cef0d67dc6795ad8d3954f672cc8d6a98cca0ab8b8e5ae5a740ada6e3383e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957601.284895,VS0,VE324
etag: "27d1b7989a70f9f62cb0bf49fe3262cf662ae69ffe9ec286fcfd3a607639afc5"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Fri, 17 Jul 2020 03:46:41 GMT
accept-ranges: bytes
content-length: 41721
x-cache-hits: 0

GET
H2 200 index.css
wheel-of-names-firebase.firebaseapp.com/css/ 2 KB
814 B 366ms
364ms Stylesheet
text/css 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/css/index.css

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04308aeacbe9eae0d7b354f407bf9a6ad8eed86fe2b165e17db6349de16bc6f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957601.285331,VS0,VE338
etag: "5eab172f8008392c61d976a3c679d059c2e7e46d5ef58ff876759fdb8644fae4"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=3600
date: Fri, 17 Jul 2020 03:46:41 GMT
accept-ranges: bytes
content-length: 702
x-cache-hits: 0

GET
H2 200 api.js Show response
apis.google.com/js/ 13 KB
6 KB 48ms
28ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f24a309fc1c02fc9e80809586add3d5e0dcd8c055ce9c4d2e48ece64ae7ee4df

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WkUh1RnkU8kB3dQJkP2SiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "4338429277d3503ceffcab4feee12582"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-WkUh1RnkU8kB3dQJkP2SiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 17 Jul 2020 03:46:41 GMT

GET
H2 200 vendor-e18640a165d93f17c874.js Show response
wheel-of-names-firebase.firebaseapp.com/ 528 KB
146 KB 622ms
621ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/vendor-e18640a165d93f17c874.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

101ab198e793d3527b4e75c49d830f366dbd4c57a1a3c8a6d1297e8f4619ddef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957601.285325,VS0,VE603
etag: "e20bf23fbdc18186456ee21c1b501253bb33e5073bb1b452b9a58c96732740d4"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Fri, 17 Jul 2020 03:46:41 GMT
accept-ranges: bytes
content-length: 149576
x-cache-hits: 0

GET
H2 200 index-127e70d5ff4b2b0927ce.js Show response
wheel-of-names-firebase.firebaseapp.com/ 160 KB
39 KB 433ms
432ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/index-127e70d5ff4b2b0927ce.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a222a8aee99893371e9869e1382230ad7d061e95c4c1d11b92d2d2532e9083be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957601.285309,VS0,VE414
etag: "72832daffcfafc4796a002739331fd82de385ca18922ddaa146f6e1902592167"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Fri, 17 Jul 2020 03:46:41 GMT
accept-ranges: bytes
content-length: 39861
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3023
date: Fri, 17 Jul 2020 02:56:18 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Fri, 17 Jul 2020 04:56:18 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 14ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=1398747240&t=pageview&_s=1&dl=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ul=en-us&de=UTF-8&dt=Wheel%20of%20Names&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=317384286&gjid=300070817&cid=126792998.1594957601&tid=UA-164794522-1&_gid=1626187122.1594957601&_r=1&z=2068947610

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
316 B 14ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wheel-of-names-firebase.firebaseapp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wheel-of-names-firebase.firebaseapp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ 220 KB
83 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 03:46:41 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/ Frame D326 0
0 6ms
6ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200715/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200715/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wheel-of-names-firebase.firebaseapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 16 Jul 2020 05:40:18 GMT
expires: Thu, 30 Jul 2020 05:40:18 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 79583
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 8830 0
0 27ms
27ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7328928711756780&output=html&adk=1812271804&adf=3025194257&lmt=1594916100&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594957601374&bpp=18&bdt=97&idt=56&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7916138179572&frm=20&pv=2&ga_vid=126792998.1594957601&ga_sid=1594957601&ga_hid=1398747240&ga_fc=0&iag=0&icsg=2216&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066716&oid=3&pvsid=57887485796295&pem=537&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=73

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7328928711756780&output=html&adk=1812271804&adf=3025194257&lmt=1594916100&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1594957601374&bpp=18&bdt=97&idt=56&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7916138179572&frm=20&pv=2&ga_vid=126792998.1594957601&ga_sid=1594957601&ga_hid=1398747240&ga_fc=0&iag=0&icsg=2216&dssz=8&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C21066716&oid=3&pvsid=57887485796295&pem=537&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=73
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wheel-of-names-firebase.firebaseapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Jul 2020 03:46:41 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 17-Jul-2020 04:01:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:41 GMT

GET
H2 200 logger.min.js Show response
cdn.lr-ingest.io/ 737 KB
121 KB 47ms
30ms Script
text/javascript 2606:4700:e0::ac40:6502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-ingest.io/logger.min.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/vendor-e18640a165d93f17c874.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e0::ac40:6502 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ccabe769beea46ea5b92d4bc1d2c05b5df30efa7b1a50300ee2a07d73f7daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:41 GMT
content-encoding: br
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
age: 281
x-cache: MISS
status: 200
cf-request-id: 03fc7ab4ac0000d70965399200000001
x-served-by: cache-fra19176-FRA
last-modified: Thu, 16 Jul 2020 22:32:53 GMT
server: cloudflare
x-timer: S1594938959.219161,VS0,VE563
etag: W/"7cca0a39ed2e42d788d42e4092fe92c7ade8a3ebe55a5ef5cf974b56e68cb454"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 5b40fa344b59d709-FRA
x-cache-hits: 0

GET
BLOB 200
OK 81b1e92c-96e7-4e3d-a991-15a09b54203d
https://wheel-of-names-firebase.firebaseapp.com/ 7 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wheel-of-names-firebase.firebaseapp.com/81b1e92c-96e7-4e3d-a991-15a09b54203d
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/vendor-e18640a165d93f17c874.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 115f7b625a2546621aacf4043bc220590234d4923e37559c3b427c35d2298809

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 7018

GET
H2 200 locale-en-US-aa90d730f3bbc79b38fd.js Show response
wheel-of-names-firebase.firebaseapp.com/ 8 KB
3 KB 368ms
367ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/locale-en-US-aa90d730f3bbc79b38fd.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/index-127e70d5ff4b2b0927ce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25d7f13bdf965cac5790c09ade059f2ca9bfb146f8c4d5e21af50d81ad5ba867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957602.017345,VS0,VE350
etag: "4c0e9b7295592c525c2bc0de988a9b99bd37c98905a35d012df7c1f536727675"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=3600
date: Fri, 17 Jul 2020 03:46:42 GMT
accept-ranges: bytes
content-length: 3159
x-cache-hits: 0

GET
BLOB 200
OK 0361fc4d-67b5-4a9d-a4cf-fdc63ba8176f
https://wheel-of-names-firebase.firebaseapp.com/ 555 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wheel-of-names-firebase.firebaseapp.com/0361fc4d-67b5-4a9d-a4cf-fdc63ba8176f
Requested by: Host: cdn.lr-ingest.io
URL: https://cdn.lr-ingest.io/logger.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2adb4cd160ed4ed2150ede8c7c8fadcd190ce2237902789fefb1d682a23c49a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 568087

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 78 KB
78 KB 19ms
18ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/index-127e70d5ff4b2b0927ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://wheel-of-names-firebase.firebaseapp.com

Response headers

date: Fri, 17 Jul 2020 03:46:42 GMT
last-modified: Mon, 23 Mar 2020 16:08:17 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b15db15f746f29ffa02638cb455b8ec0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 79444

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-xDwxUD2GFw.woff
fonts.gstatic.com/s/quicksand/v21/ 17 KB
17 KB 6ms
6ms Font
font/woff 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v21/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-xDwxUD2GFw.woff

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/index-127e70d5ff4b2b0927ce.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb5fe327268d95da18ea494eee9ee8bfd3d13c6ca6f7aba9ac0abe15d8d02fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Quicksand
Origin: https://wheel-of-names-firebase.firebaseapp.com

Response headers

date: Fri, 26 Jun 2020 04:22:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:38:08 GMT
server: sffe
age: 1812249
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17096
x-xss-protection: 0
expires: Sat, 26 Jun 2021 04:22:33 GMT

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 13 KB
14 KB 18ms
18ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-regular-400.woff2
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/index-127e70d5ff4b2b0927ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://wheel-of-names-firebase.firebaseapp.com

Response headers

date: Fri, 17 Jul 2020 03:46:42 GMT
last-modified: Mon, 23 Mar 2020 16:10:08 GMT
server: NetDNA-cache/2.2
status: 200
etag: "c20b5b7362d8d7bb7eddf94344ace33e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13584

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 53 KB
13 KB 107ms
54ms XHR
text/html 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/wheelofnames.com_300x250_desktop_DFP&sz=300x250&t=Placement_type%3Dserving&1594957602770

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e991b3d3b7ba136847475e99ed5f59c65c372b545ede9da66687f8b8241817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12456
x-xss-protection: 0
google-lineitem-id: 5422276488
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317501986
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ding.mp3 Show response
wheel-of-names-firebase.firebaseapp.com/ 2 KB
1 KB 449ms
449ms XHR
audio/mpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/ding.mp3

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/vendor-e18640a165d93f17c874.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

69a7af2f02e618dc932a378b63e330823ade2b49cc80859594f310ef116fd2a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957603.780295,VS0,VE428
etag: "ae62ab73bb6b00d9a20263d14df77f4a7e4ef32790fbd4036317509a142ba266"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: audio/mpeg
status: 200
cache-control: max-age=604800
date: Fri, 17 Jul 2020 03:46:43 GMT
accept-ranges: bytes
content-length: 977
x-cache-hits: 0

GET
H2 200 SMALL_CROWD_APPLAUSE-Yannick_Lemieux-1268806408-soft.mp3 Show response
wheel-of-names-firebase.firebaseapp.com/ 74 KB
73 KB 593ms
592ms XHR
audio/mpeg 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://wheel-of-names-firebase.firebaseapp.com/SMALL_CROWD_APPLAUSE-Yannick_Lemieux-1268806408-soft.mp3

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/vendor-e18640a165d93f17c874.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a596fcdde6726508aaae8d8bd56e470a7a3d53300ed01afe3762e8bdd6b44b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 16:15:00 GMT
x-timer: S1594957603.780424,VS0,VE569
etag: "29997652d2192c1e72b32299a1b2e6f9c0c89eda7b3cfa2b5a87af58f6235a43"
x-served-by: cache-ams21077-AMS
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: audio/mpeg
status: 200
cache-control: max-age=604800
date: Fri, 17 Jul 2020 03:46:43 GMT
accept-ranges: bytes
content-length: 74438
x-cache-hits: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 40ms
20ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90210a4387d456f141da0f6cbedd47afd15096fa03c91d0cf5cd8aa68c545129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5630
x-xss-protection: 0

GET
H2 200 ldt3Y37cfk_190527.js Show response
cloud.setupad.com/postbid/ Frame ADC0 128 KB
37 KB 77ms
17ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 09 Jul 2020 09:46:38 GMT
content-encoding: gzip
age: 669605
status: 200
alt-svc: clear
content-length: 37956
access-control-allow-origin: *
last-modified: Fri, 28 Jun 2019 12:58:40 GMT
server: nginx/1.14.1
etag: W/"5d160f00-1ff27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Sat, 08 Aug 2020 09:46:38 GMT

GET
H2 200 stpd200611.js Show response
cloud.setupad.com/postbid/ Frame ADC0 425 KB
159 KB 99ms
40ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/stpd200611.js
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 864b128733a17d57f1c8c7f2a499d1908a40c2b72c43580c66ba48c1627390a7

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 15 Jul 2020 07:34:21 GMT
content-encoding: gzip
age: 159142
status: 200
alt-svc: clear
content-length: 163023
access-control-allow-origin: *
last-modified: Fri, 12 Jun 2020 11:57:40 GMT
server: nginx/1.14.1
etag: W/"5ee36db4-6a345"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Fri, 14 Aug 2020 07:34:21 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 9A81 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wheel-of-names-firebase.firebaseapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 01:09:27 GMT
expires: Sat, 17 Jul 2021 01:09:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9436
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame ADC0 450 B
746 B 44ms
10ms Script
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 545
status: 200
x-amz-request-id: ACFF88AD41A2F183
x-amz-id-2: IQA2Bt6d7xgVchGrbOumB9Njp/qWufzP04E5aI4IPS1JC9DoybcJw4WvdJRtrJ14ZL1Ve9ua85Q=
last-modified: Wed, 24 Jun 2020 14:54:57 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 03fc7ab9f600001f2df68ec200000001
cf-ray: 5b40fa3cb8441f2d-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame ADC0
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&domain=wheel-of-names-firebase.firebaseapp.com&gdprString=BO2qzdfO2qzdgAKABBENCT-AAAAnd...
https://mug.criteo.com/sid?cpp=-yFmsnwyQ25LdkkzTmRHNGs0dHdVdlI4bXY0SG0wV1FNa3dXeEtlY0VWdzJNcXFiQ2hGUUVqSklwUHZmRDR3T291RFhPM2FLdzJUOG1OUndTZG01WVhQNXFYdlpPM3Jpa2wxRlZ0a01OWFFweFo2NW42ZkdUL2htNXVsbW...

459 B
752 B

81ms
19ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-yFmsnwyQ25LdkkzTmRHNGs0dHdVdlI4bXY0SG0wV1FNa3dXeEtlY0VWdzJNcXFiQ2hGUUVqSklwUHZmRDR3T291RFhPM2FLdzJUOG1OUndTZG01WVhQNXFYdlpPM3Jpa2wxRlZ0a01OWFFweFo2NW42ZkdUL2htNXVsbWZzcEFVdWpjUWsza29kUm9OZVJRd0lGVnk4aFZ4eURQS0N6SlJoR1NIUlRFN1RrbnBMenhiZ3dpZjBNZ2ZmV0hhSlJkSSswbjlOM2tMN05hS1lIazhMTDBpdHNIOGNPNE9mR2s3cTErd3QzM0t6ZUFaS1JRS2dQYXgyTFBYS2prbG9XTG5TUVZVNDhmZGdsdE4wclNLakI2YWhUL0NCUT09fA&cppv=2

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ebad66a44bb98b1e49106e4667e546a7a4325a6e6a9e6974f3a28b5121fbf0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 17 Jul 2020 03:46:43 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1185
content-length: 459
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Fri, 17 Jul 2020 03:46:42 GMT
location: https://mug.criteo.com/sid?cpp=-yFmsnwyQ25LdkkzTmRHNGs0dHdVdlI4bXY0SG0wV1FNa3dXeEtlY0VWdzJNcXFiQ2hGUUVqSklwUHZmRDR3T291RFhPM2FLdzJUOG1OUndTZG01WVhQNXFYdlpPM3Jpa2wxRlZ0a01OWFFweFo2NW42ZkdUL2htNXVsbWZzcEFVdWpjUWsza29kUm9OZVJRd0lGVnk4aFZ4eURQS0N6SlJoR1NIUlRFN1RrbnBMenhiZ3dpZjBNZ2ZmV0hhSlJkSSswbjlOM2tMN05hS1lIazhMTDBpdHNIOGNPNE9mR2s3cTErd3QzM0t6ZUFaS1JRS2dQYXgyTFBYS2prbG9XTG5TUVZVNDhmZGdsdE4wclNLakI2YWhUL0NCUT09fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2092
content-length: 541
expires: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame ADC0 403 B
407 B 194ms
149ms XHR
application/json 2606:4700:e4::ac40:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a71e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f08de2406bdffb9939c4ecaa4184c113ecd9c843a6c16eacbf6948f8bef227f8

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b40fa3d1fccc2db-FRA
cf-request-id: 03fc7aba2b0000c2dbb0076200000001
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame ADC0 111 B
553 B 146ms
103ms XHR
application/json 2606:4700:e4::ac40:a71e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a71e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74488dd5655133bcffa9ec5713afbae85a2d4f0e178a80b0ee6441cbfae1ed64

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b40fa3d1fcfc2db-FRA
cf-request-id: 03fc7aba2b0000c2dbb0077200000001
expires: 0

GET
H2 200 / Show response
adx.adform.net/adx/ Frame ADC0 5 B
465 B 101ms
31ms XHR
application/json 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTg0Njk3NSZ0cmFuc2FjdGlvbklkPWMzMzIxNzMxLTJmYmMtNGU5OC1hZTVlLTY2Mzc2OGZkYWUwNw%3D%3D&pt=gross&stid=b1812de2-1ae5-47b0-9c28-0ca5aed361ec&gdpr=true&gdpr_consent=BO2qzdfO2qzdgAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:43 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ADC0 142 B
1 KB 126ms
37ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

72c7f9f45391bbbde565c3823456c4793e519b0be9879b834b63a912f65bd001

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 17 Jul 2020 03:46:45 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.44:80
AN-X-Request-Uuid: c7221b6c-e1c8-4ab1-a27a-e3451553c595
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheel-of-names-firebase.firebaseapp.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ADC0 0
193 B 61ms
21ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Jul 2020 03:46:43 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame ADC0 0
169 B 73ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0-pre&cb=32815331398
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 17 Jul 2020 03:46:42 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
timing-allow-origin: *
vary: Origin

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ADC0 49 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc7bc815f85dd2b0db8668d60a58b3505c9d10eb08bc360d976a90ef237b043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "573 / 739 of 1000 / last-modified: 1594937525"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16722
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 739D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

0
0

79ms
29ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wheel-of-names-firebase.firebaseapp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9232
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=12546
Expires: Fri, 17 Jul 2020 07:15:49 GMT
Date: Fri, 17 Jul 2020 03:46:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Date: Fri, 17 Jul 2020 03:46:43 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame ADC0 63 KB
19 KB 369ms
137ms Fetch
application/javascript 2606:4700:e2::ac40:8620
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272f0b94a4cc8f18c95a3b9519ff5e850ddb2b1c6c6cc27df4cc306a4886ae88

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
x-amz-request-id: E184DC3DB5DF5EDD
status: 200
x-amz-id-2: qBLjYCQw7DNJweQyfFPF7+fsBE0vZI2TZh3BqWzcR+3gXor9mGRtCRjqBc82ir/ShsT9hhYhIg4=
last-modified: Wed, 24 Jun 2020 14:54:55 GMT
server: cloudflare
etag: W/"e271d40dcaf476981753ddafc272f0ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 03fc7abb54000096c2cbadf200000001
cf-ray: 5b40fa3eee6196c2-FRA

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 19ms
18ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=57887485796295&bg=!o6CloLhYrTnXEpaA42ICAAAAXFIAAAAkmQGYR0T4BcyQ0NjXC5D0Fll8H6RO4j4tHtgG_OXkGiJspYbKMgduXtqqUgf-bjBj7v7ppUerti2T5C1pg7ahbnk_vkCE5HBBOdrLhKzSN3iQ7SwKYSb2vgwLCIiQa1d6DFQiSLL5DtTLyC8h3KjOhncA6xaiWqecjqSHDWP3MnjAPCYYK5PxbQFR11yVLM60NCrOELWjU5kGV9h9FiPIrwtoeqI--x62ggb__xlYKPSZ4K0blcO7rb6BsPWUYd_qcDx1XVOLlemz5Rq0Gmgw8GhqXdeO4b1Df0ND_Kir6PtkUiM_tV1nyFNeRJ_P00ndJr7XiV8yhLzzAc18GvKPuoB9wXYYFdB_lbo1nqCMMBW8ro-8dhfVJa3kDjXDWHqkqMXj40mHB6T1DEMyx7_hDewnqzkLbjcmaK1hyXxef0Zlvl-zwxj9Zr2TWhbCzCCTp-ZgHSQiTzj_6zEVAzeZ93AH4Rbi4nWD7VPk1xaUOtfUsoevQVdC3WvJIw-5QA-4wXBIsZ92VPx-Cf7Ag0WzJsK3bFgjS5sa4xxT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame ADC0 109 B
168 B 25ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wheel-of-names-firebase.firebaseapp.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame ADC0 109 B
168 B 26ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wheel-of-names-firebase.firebaseapp.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020071408.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ADC0 253 KB
90 KB 95ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fafbd585ae32ad7f5c38e5a7278d8d45e0f3277fd207827c608a60c9847d0db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 14 Jul 2020 15:41:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91632
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 200 cookie
cm.adform.net/ Frame ADC0 43 B
106 B 94ms
29ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DBO2qzdfO2qzdgAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D%24UID
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 17 Jul 2020 03:46:43 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ADC0 4 KB
3 KB 156ms
151ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1635543843671738&correlator=3787296096918340&output=ldjh&impl=fifs&adsid=NT&eid=21063911%2C21064367%2C21066721&vrg=2020071408&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200717&iu_parts=147246189%2Cwheelofnames.com_300x250_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&cookie_enabled=1&cdm=wheel-of-names-firebase.firebaseapp.com&bc=31&abxe=1&dt=1594957603645&dlt=1594957603005&idt=616&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=24&adys=66&adks=3355244645&ucis=bguvasr8ofmv&ifi=1&ifk=1127847812&u_tz=120&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=wheelofnames.com&loc=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&top=wheel-of-names-firebase.firebaseapp.com&dssz=10&icsg=8234&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x150&msz=300x250&ga_vid=126792998.1594957601&ga_sid=1594957604&ga_hid=18739403&ga_fc=true&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c0ba66de7c604b9941996e570c7b8ccf53a295e9fbdd802b1341480bffb78c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2378
x-xss-protection: 0
google-lineitem-id: 5324721969
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138306041957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wheel-of-names-firebase.firebaseapp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4462d299475ef4aba69e1f057f30a0da.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame ADC0 0
0 50ms
16ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4462d299475ef4aba69e1f057f30a0da.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame ADC0 0
0 9ms
8ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C26C 0
0 33ms
33ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssERO0-GkeZ1QoLtAwdOKiEdraBwfsDSd4IMqxYfVgYfALtHsZrYJTOQm0hkWLYGXxdISKC-2pwBNv_YKJPUUrdyrvWAbget7AEgytCVwDLqdqudCLl09-e7_3bg9LtSWMLOj1D_K98d8jXvD_JgTBSe0yjPMEDSR5s7jpRg-93Mh3ybghrpTSnwWByN-5adrIUANdbXMAYFy-wOk9QmFmSBj5c7GATjk9OAZkWfzqud2X_avTSU31KSxoFiGMLUNjS8Tc0EXJvSIUGLXDrm9OtnZhzQ7jZSEgsfiyQ8SgJdE1TzZj9u4JaSBGgmAc_FE1-nn6iHnVRaA&sig=Cg0ArKJSzGJXzZ6GfQRaEAE&urlfix=1&adurl=

Requested by

Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C26C 117 KB
41 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42370
x-xss-protection: 0
server: cafe
etag: 15539805577875352861
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C26C 73 KB
28 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5a9ebeab89f09786cdd0eea0de5eb23b3443381009057eb688fd703864c781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28326
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame ADC0 71 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ADC0 7 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020071408&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d5c039962bf84f35a23a5d4efe1692fd07875988e84f5c0cd016d0b8bf89243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5628
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ADC0 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020071408.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
DATA 200
OK truncated
/ Frame C26C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4371eba5e8fe5487adb736d80e4ae2124efe492a28b630cdda5aaff2b98c37e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 6E08 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wheel-of-names-firebase.firebaseapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 01:09:27 GMT
expires: Sat, 17 Jul 2021 01:09:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9436
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C26C 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wheel-of-names-firebase.firebaseapp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C26C 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wheel-of-names-firebase.firebaseapp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/ Frame C26C 220 KB
83 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84780
x-xss-protection: 0
server: cafe
etag: 2308157152436191864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 0150 0
0 24ms
24ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3970277535528613&output=html&h=250&slotname=4993865012&adk=637360423&adf=660089893&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1594957603913&bpp=6&bdt=76&idt=68&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=7916138179572&frm=23&ife=4&pv=2&ga_vid=1416432532.1594957604&ga_sid=1594957604&ga_hid=715629013&ga_fc=0&iag=63&icsg=682&nhd=3&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=24&ady=66&biw=1600&bih=1200&isw=300&ish=250&ifk=3696241913&scr_x=0&scr_y=0&oid=3&pvsid=4311754214480134&pem=537&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.6g462fjzvmya&fsb=1&dtd=76

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3970277535528613&output=html&h=250&slotname=4993865012&adk=637360423&adf=660089893&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1594957603913&bpp=6&bdt=76&idt=68&shv=r20200715&cbv=r20190131&ptt=9&saldr=aa&correlator=7916138179572&frm=23&ife=4&pv=2&ga_vid=1416432532.1594957604&ga_sid=1594957604&ga_hid=715629013&ga_fc=0&iag=63&icsg=682&nhd=3&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=24&ady=66&biw=1600&bih=1200&isw=300&ish=250&ifk=3696241913&scr_x=0&scr_y=0&oid=3&pvsid=4311754214480134&pem=537&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8212&bc=31&ifi=1&uci=1.6g462fjzvmya&fsb=1&dtd=76
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wheel-of-names-firebase.firebaseapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkjZ5nlj6KSWPjCFO3I-gFqtL5O8Boa8XyB8UvPplHE9bVK8Yp4N462AXK9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Jul 2020 03:46:44 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C26C 71 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1594830332173426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27205
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:43 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C26C 0
54 B 35ms
34ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssLty1P5BtxmXOR-jd6qZx0Z_G7LfGKmJDs_JNcBErEEnTWW0S_vFaHYXyRfBjXpfvg0_aL1JxhR8cobFNLFVX6rdDi7fOt___yOtpQWgGzXqfbrm2etTnft6IrM609_JUVqRFzGq_rYmiQ0E39arHjFx-ZatHVrqCHxYaQSvISRU7YKBk-DqhiXeI1HhxcbQQDQb-FRs7VxPnLCKvJIezLSY8LhS7y_2iao-QPqBXSxeJzTufiI1Xamkqpyu_p5C8XmWdnZwmtLw_ixToxd4uzPtasyLIfbdeQNud3z7A&sig=Cg0ArKJSzI3UMo_dj-A1EAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:44 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C26C 7 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200715&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15a4cfcf47feb34479d29b8e20171b733ce26cf323b005dfb372dccae35e31d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Jul 2020 03:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5661
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame ADC0 0
208 B 152ms
49ms XHR
text/html 85.206.143.247
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: wheel-of-names-firebase.firebaseapp.com
URL: https://wheel-of-names-firebase.firebaseapp.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Jul 2020 03:46:44 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C26C 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200715/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 17 Jul 2020 03:46:44 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADC0 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020071408&jk=1635543843671738&bg=!GBulGwNY511Qh-0U00sCAAAAcFIAAAAUmQH6r0pqKEnKb5nLBFdKT8g7V4GubwIaVK4_CzINkxzLsS09gvCQdx6ynYnesA04BCz3p_U2YTf462IIaphQ35Qb5eJRrWVdxBngpo_zAzoLLXSyoBGaS7Lt7YGN20-K2H8BM_vGMJOpGz554hCWbDu6zFBfQjKU_Cd1PImmdOfIx5Guu7t3R6X_Uob-JmrERww8M00dUpFHFsWGnr7F8V38mifn4RID9nraWi21UDuoUS_VXdp8gjYDrCMhybcq5P7GztpP94yipEarr9n5tJNEQcfkajxIQkhN1mq62ewcKVun8mGVrTGEk6d7GGTjcP28m9oADb2eaUBXu_H_p0Dx0TeDfCkxuKFWipejGR6wYhho49NuOFsAfs720mrY8HZCINoUu3f4v7nSZFngS9BECqVjsOZXD8nAdkTVbdlkCqHaALkaQTzjxJYv2FoqQKuFd6v_9lG7QsWhn4wFhdn-TbTtAbwV1GLFuolaDcoZJKecoL86apgYltOH-FQ3uTMo72yQS8NEUbMdgKBXKd_-yHDKKPA29BNlk-ZECsfCT5fZ1TpW5nnNBC9BcUoWoONipkkdKXGdMCbSOmfqdqW6v6NGWfvtJQRwr-5bDqtCI-KBWfcKfzlGAMjM8I2jitkhozdteD-IaXtGdV6_Df3952yADyqW99yuGww

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 7259 0
0 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wheel-of-names-firebase.firebaseapp.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 17 Jul 2020 01:09:27 GMT
expires: Sat, 17 Jul 2021 01:09:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9437
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C26C 0
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200715&jk=4311754214480134&bg=!1tWl1c1YZfJf_dVBZxgCAAAAS1IAAAANmQIAUezUOhfIhLhPQnRrvlRwTro-ghqpzMbc4z85mT9v4-gSsi-qL6TRWJt0B-HtRa0aI-SqSXedv4OfiWwWBB-uZZkCawfc5N2JCAxZqElz_Y3yMN6486TlsNxTKVjcnNz6rsoj5HH6IFkTgQDMeZjkPWg-7ihCCFQGYvPVb0ER29zUYbIe3dAC9_VcE6fUOgq_kgxMU9MCmuyb3hxgAbmBgAuEEy5-jWdOXp99s1QjV_rY_ic-ZHdCavk0A0i3Qy31Y1R0Pl_L8CsKQeTBf-5q4OTS4CnfXZ7zg0ufhIVQQdQuZrNJjt_9_eOXkNxo4RrGrBTyRMjaxSXzQaEApQyksfTVI5bJWJlH2Utu5doU_Hsefd0P4NoRGT9ilaXlJB-onC3xDlp-D2FAmTiNFfFZBdZPyuCXN2SAjk_t010wWF-gW5JFzQJyKJ5JQjMhA2Yt9qI3Ao4WpRpaaxLuWlWGMw0pJoE5jgxpxcpzMBiP6Rc3P5QxThptvY9Dzq7lvSS82wIY0E9RTc2oS5-nZHApVEwhDst5KLoLMRJ8OArxM1yCte8mZ3rjEahirYs0hwmnhEz6iNZuIxccbZLIttf6caWZRxRWkXktqj1pzISKy7QkUIrAGX0Yk_rTgqbk18-DbJS7INB3EZRrGcS_Hns3kQE2aGW8vzqW1D5iozE_kY8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C26C 42 B
112 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD58w8Dy6kkhBi0joGbJdM8-glAlDCvTKjC1q4biDfXgN9AOGBCwl6-9FAnVArbTnAVSkX0R2zp-s1DpGfZmsD1A2nYveMqJiAExK91pE&sig=Cg0ArKJSzHafI--7ewD9EAE&adk=3355244645&tt=-1&bs=1600%2C1200&mtos=973,973,1082,1082,1082&tos=973,0,109,0,0&p=0,0,250,300&mcvt=1082&rs=3&ht=0&tfs=163&tls=1245&mc=1&lte=0.6&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1594957603842&dlt&rpt=81&isd=0&msd&ext&xdi=0&ps=1600%2C839&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-7-10-10-0-0-0&tvt=1240&is=300%2C250&iframe_loc=https%3A%2F%2Fwheel-of-names-firebase.firebaseapp.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200715

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jul 2020 03:46:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ADC0 72 KB
22 KB 64ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:46 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 10:37:51 GMT
server: nginx
etag: W/"5efc677f-12154"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 18 Jul 2020 03:46:46 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame ADC0 72 KB
22 KB 51ms
18ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017

Request headers

Referer: https://wheel-of-names-firebase.firebaseapp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 17 Jul 2020 03:46:46 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 10:37:51 GMT
server: nginx
etag: W/"5efc677f-12154"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 18 Jul 2020 03:46:46 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9D8D 0
0 65ms
19ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200611.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://wheel-of-names-firebase.firebaseapp.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://wheel-of-names-firebase.firebaseapp.com/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Thu, 06 May 2021 05:24:22 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 17 Jul 2020 03:46:46 GMT
Age: 6214946
X-Served-By: cache-lga21948-LGA, cache-hhn4036-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 236858, 3247720
X-Timer: S1594957607.548635,VS0,VE0
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wheel-of-names-firebase.firebaseapp.com/	1970-01-19 11:02:37	Name: _gat Value: 1
.doubleclick.net/	1970-01-19 11:02:38	Name: test_cookie Value: CheckForPermission
.wheel-of-names-firebase.firebaseapp.com/	1970-01-19 11:04:04	Name: _gid Value: GA1.3.1626187122.1594957601
.wheel-of-names-firebase.firebaseapp.com/	1970-01-20 04:33:49	Name: _ga Value: GA1.3.126792998.1594957601

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4462d299475ef4aba69e1f057f30a0da.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
apis.google.com
bidder.criteo.com
cdn.lr-ingest.io
cloud.setupad.com
cm.adform.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
mug.criteo.com
node.setupad.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
pubads.g.doubleclick.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.criteo.net
tpc.googlesyndication.com
use.fontawesome.com
wheel-of-names-firebase.firebaseapp.com
www.google-analytics.com
www.googletagservices.com
104.111.230.142
151.101.113.108
151.101.65.195
172.217.21.226
178.250.0.165
178.250.2.146
185.184.8.30
23.111.9.35
2606:4700:e0::ac40:6502
2606:4700:e2::ac40:8620
2606:4700:e4::ac40:a71e
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:806::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2001
2a00:1450:4001:818::2002
2a00:1450:4001:818::2003
2a00:1450:4001:819::2002
2a02:2638::1c
2a02:2638::3
35.190.77.178
37.157.4.23
37.252.172.249
85.206.143.247
04308aeacbe9eae0d7b354f407bf9a6ad8eed86fe2b165e17db6349de16bc6f3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
101ab198e793d3527b4e75c49d830f366dbd4c57a1a3c8a6d1297e8f4619ddef
115f7b625a2546621aacf4043bc220590234d4923e37559c3b427c35d2298809
15a4cfcf47feb34479d29b8e20171b733ce26cf323b005dfb372dccae35e31d5
15ccabe769beea46ea5b92d4bc1d2c05b5df30efa7b1a50300ee2a07d73f7daa
1d5c039962bf84f35a23a5d4efe1692fd07875988e84f5c0cd016d0b8bf89243
1dac9119f69dbddeec387d9577fc106269800c59633b2fd917bd99eecff01173
25d7f13bdf965cac5790c09ade059f2ca9bfb146f8c4d5e21af50d81ad5ba867
272f0b94a4cc8f18c95a3b9519ff5e850ddb2b1c6c6cc27df4cc306a4886ae88
2adb4cd160ed4ed2150ede8c7c8fadcd190ce2237902789fefb1d682a23c49a2
30e991b3d3b7ba136847475e99ed5f59c65c372b545ede9da66687f8b8241817
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79
3dc7bc815f85dd2b0db8668d60a58b3505c9d10eb08bc360d976a90ef237b043
404cef0d67dc6795ad8d3954f672cc8d6a98cca0ab8b8e5ae5a740ada6e3383e
48d4e42d5d0ccee79aeb037dd3ecfe7208da5cc847026ab5d4313ad39e4ee3a2
4f5a9ebeab89f09786cdd0eea0de5eb23b3443381009057eb688fd703864c781
54c0ba66de7c604b9941996e570c7b8ccf53a295e9fbdd802b1341480bffb78c
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
69a7af2f02e618dc932a378b63e330823ade2b49cc80859594f310ef116fd2a1
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
72c7f9f45391bbbde565c3823456c4793e519b0be9879b834b63a912f65bd001
74488dd5655133bcffa9ec5713afbae85a2d4f0e178a80b0ee6441cbfae1ed64
77bf68141f75296907cb9a0a9f27a76226b655afc901c1cf1506766fbfd99e1e
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
864b128733a17d57f1c8c7f2a499d1908a40c2b72c43580c66ba48c1627390a7
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8e98d84da2424bc7e75d8816697cb36062860d91b3cfdcba1d5a3083d076e931
90210a4387d456f141da0f6cbedd47afd15096fa03c91d0cf5cd8aa68c545129
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
a222a8aee99893371e9869e1382230ad7d061e95c4c1d11b92d2d2532e9083be
a596fcdde6726508aaae8d8bd56e470a7a3d53300ed01afe3762e8bdd6b44b00
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4371eba5e8fe5487adb736d80e4ae2124efe492a28b630cdda5aaff2b98c37e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cb5fe327268d95da18ea494eee9ee8bfd3d13c6ca6f7aba9ac0abe15d8d02fe2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebad66a44bb98b1e49106e4667e546a7a4325a6e6a9e6974f3a28b5121fbf0b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08de2406bdffb9939c4ecaa4184c113ecd9c843a6c16eacbf6948f8bef227f8
f24a309fc1c02fc9e80809586add3d5e0dcd8c055ce9c4d2e48ece64ae7ee4df
fafbd585ae32ad7f5c38e5a7278d8d45e0f3277fd207827c608a60c9847d0db7
fcdba056d63a6f9a02f8066b18be573c32b79507854189baf3f0d10414d4461e
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fd60fcdfb0ecb5a5505bd98cea1da96a6716f6a4cae0a614d49478068a8b3017

wheel-of-names-firebase.firebaseapp.com Open in urlscan Pro 151.101.65.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

74 Requests

97 %HTTPS

54 %IPv6

20 Domains

31 Subdomains

26 IPs

8 Countries

1354 kBTransfer

4799 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wheel-of-names-firebase.firebaseapp.com Open in urlscan Pro
151.101.65.195 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

54 %
IPv6

20
Domains

31
Subdomains

26
IPs

8
Countries

1354 kB
Transfer

4799 kB
Size

4
Cookies

74 HTTP transactions
2 data transactions