freeinvaders.org Open in urlscan Pro
62.212.95.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://freeinvaders.org/
Effective URL:
https://freeinvaders.org/
Submission: On November 20 via api (November 20th 2023, 8:32:19 pm UTC) from US — Scanned from NL

Summary HTTP 102 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 102 HTTP transactions. The main IP is 62.212.95.32, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is freeinvaders.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 29th 2023. Valid for: a year.

This is the only time freeinvaders.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	62.212.95.32 62.212.95.32	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
23	143.204.215.105 143.204.215.105	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	169.150.247.37 169.150.247.37	60068 (CDN77 ^_^) (CDN77 ^_^)
21	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2600:9000:223... 2600:9000:223c:c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	18.66.147.91 18.66.147.91	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	() ()
102	21

3 62.212.95.32 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: host.eugamesvps.com

freeinvaders.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 143.204.215.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-105.fra53.r.cloudfront.net

turbo.freevideogames.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-37.bunnyinfra.net

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-91.fra60.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	457 KB
23	freevideogames.org turbo.freevideogames.org — Cisco Umbrella Rank: 340896	1 MB
19	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	148 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	36 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	192 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
3	freeinvaders.org 1 redirects freeinvaders.org	21 KB
2	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 2316	866 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	47 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964	9 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 10361	2 KB
1	google.com www.google.com	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	641 B
102	15

	Domain	Requested by
23	turbo.freevideogames.org	freeinvaders.org turbo.freevideogames.org
21	pagead2.googlesyndication.com	freeinvaders.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	ad.doubleclick.net	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	freeinvaders.org googleads.g.doubleclick.net
3	freeinvaders.org	1 redirects turbo.freevideogames.org
2	tag.researchnow.com	googleads.g.doubleclick.net
2	s0.2mdn.net	googleads.g.doubleclick.net
2	plausible.io	freeinvaders.org plausible.io
1	www.google.com	tpc.googlesyndication.com
1	pixel.quantserve.com	freeinvaders.org
1	rules.quantcount.com	secure.quantserve.com
1	fonts.gstatic.com	fonts.googleapis.com
1	secure.quantserve.com	freeinvaders.org
102	20

This site contains links to these domains. Also see Links.

Domain
freepacman.org
happyhopper.org
freepong.org
freeasteroids.org
freejetpac.org
freekong.org
freeflappybird.org
freefishy.org
freewordle.org
freemahjong.org
freesolitaire.org
freeminesweeper.org
theempiregame.com
thebigfarmgame.com
freesonic.org
freegalaga.com
freeqbert.org
freetennis.org
freesimon.org
freevideogames.org

Subject Issuer	Validity	Valid
freevideogamesonline.org Sectigo RSA Domain Validation Secure Server CA	`2023-04-29` - `2024-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
plausible.io R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.researchnow.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://freeinvaders.org/
Frame ID: 0FFC6DB158A734B680E074D95D9B358F
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 6542FFD911185DA5D7D55F7DD78D441E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&adk=1812271804&adf=3025194257&lmt=1700512334&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334357&bpp=2&bdt=524&idt=426&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1935581822378&frm=20&pv=2&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=445
Frame ID: 566BAECA52738A920F058301BF76FD98
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=8642003316&adk=2244860935&adf=2783646740&pi=t.ma~as.8642003316&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334359&bpp=2&bdt=526&idt=455&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=459
Frame ID: A0C2455762F016DC5107F2B62893A883
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=6441724690&adk=3795804311&adf=3224686418&pi=t.ma~as.6441724690&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334361&bpp=1&bdt=528&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1295&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=467
Frame ID: 0F0522383B113B210EBFB450FA271E5C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNVElNb2JefbaSEcai8KRKChu8o7hSDloNii5DmCKa2mpBkU4RCZE09ufvyGJFpp-XGh0QBvjKmOW-2gp214ywJbGBr7hvZyIe4P_wN-Ab_VY-2FBep8nJaoSbk07GeSdrT47eA9qFkrXeT6Hh1aGDDnY0uV_7fkGJdXYsLoiBPD4YLRz9I
Frame ID: A610079C5A19CCADC33BA058B381088E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNXUXAHudpLHsCv_m3RDa9LBJf4A-FH2whgreOPO2ph48VC-NafAIzP6KNLHGbtcuViSFqxj_P09SABH73o78_mwdPXQtsKKP3TQMdzDSD8tE2ROohzsHp6rKEpWnX2apbvXn3WEee3KkcXk49VOMqB-moGldStwuavoIFMo7o0eeqK1Brw
Frame ID: DC494AB00C8677C02A95F406FBBF504D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 81BC96326A14A3AE8F438A322C7C5AF0
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 21FFD145204FD1430229DE77DC1D4924
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E4A8959184261EC8EA8D529007E337EB
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E474D500E3236F83FE112A106A5558C3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 3519AE4E92F2C1A82457B05784B0A200
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05347527C01DFAA78FC7F664EF7BA8FB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0156565C26BCF85A3FF0C99DC3D2D621
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Invaders

Page URL History Show full URLs

http://freeinvaders.org/ HTTP 301
https://freeinvaders.org/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

102
Requests

92 %
HTTPS

55 %
IPv6

15
Domains

20
Subdomains

21
IPs

3
Countries

2315 kB
Transfer

6941 kB
Size

10
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://freepacman.org/

Search URL Search Domain Scan URL

URL: https://happyhopper.org/

Search URL Search Domain Scan URL

URL: https://freepong.org/

Search URL Search Domain Scan URL

URL: https://freeasteroids.org/

Search URL Search Domain Scan URL

URL: https://freejetpac.org/

Search URL Search Domain Scan URL

URL: https://freekong.org/

Search URL Search Domain Scan URL

URL: https://freeflappybird.org/

Search URL Search Domain Scan URL

URL: https://freefishy.org/

Search URL Search Domain Scan URL

URL: https://freewordle.org/
Title: Wordle

Search URL Search Domain Scan URL

URL: https://freemahjong.org/
Title: Mahjong

Search URL Search Domain Scan URL

URL: https://freesolitaire.org/
Title: Solitaire

Search URL Search Domain Scan URL

URL: https://freeminesweeper.org/
Title: Minesweeper

Search URL Search Domain Scan URL

URL: https://theempiregame.com/
Title: Empire

Search URL Search Domain Scan URL

URL: https://thebigfarmgame.com/
Title: Big Farm

Search URL Search Domain Scan URL

URL: https://freesonic.org/
Title: Sonic

Search URL Search Domain Scan URL

URL: https://freegalaga.com/
Title: Galaga

Search URL Search Domain Scan URL

URL: https://freeqbert.org/
Title: Qbert

Search URL Search Domain Scan URL

URL: https://freetennis.org/
Title: Tennis

Search URL Search Domain Scan URL

URL: https://freesimon.org/
Title: Simon

Search URL Search Domain Scan URL

URL: https://freevideogames.org/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://freevideogames.org/copyright.html
Title: Copyright

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://freeinvaders.org/ HTTP 301
https://freeinvaders.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

Request Chain 41

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVvCUK7kgzlAQie3NGtuJAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1

Request Chain 43

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVvCUK7kgzlAQie3NGtuJAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz

102 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freeinvaders.org/
Redirect Chain

http://freeinvaders.org/
https://freeinvaders.org/

12 KB
3 KB

98ms
62ms

Document
text/html

62.212.95.32
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.212.95.32 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: host.eugamesvps.com
Software: nginx /
Resource Hash: 1a9cb7e4e6b3622fb41a158d4b05d21744c8ddf3cb63e34ba53d352879867530

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Nov 2023 20:32:13 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 232
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 20 Nov 2023 20:32:13 GMT
Location: https://freeinvaders.org
Server: nginx

GET
H2 200 ruffle.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ 66 KB
19 KB 126ms
30ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:11:18 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40884
etag: W/"63dece6a-10829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: vdDXR1Epq4s4pfaKGxdiff1K8zvKGY6aBMss7EJKhpb7r0jiTzv7zQ==

GET
H2 200 core.ruffle.5e850f90e6e2fab0bb54.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ 35 KB
12 KB 121ms
26ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/core.ruffle.5e850f90e6e2fab0bb54.js
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: cb3e4e7620280612e296993311f7ca65618a6a05ad9e28c56192cfc3d5e0e18e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 11:02:59 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:13 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 34413
etag: W/"63dece65-8ad8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: Y7Pk1Lgp4kLRBYDZWYVaxt20bp1ItTv7oKVhUwixewqNEPcWyc2uEg==

GET
H2 200 cbe7657b7dc9d70da5a6.module.wasm
turbo.freevideogames.org/includes/js/flash-emulator/ 4 MB
1 MB 128ms
26ms Other
application/wasm 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/cbe7657b7dc9d70da5a6.module.wasm
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 70aaea7036c0d39c74857c634efddb40a053986fb164448d1408ace800e5db56

Request headers

Referer: https://freeinvaders.org/
Origin: https://freeinvaders.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 14:16:53 GMT
content-encoding: br
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:17 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 1750520
etag: W/"63dece69-3d1ffc"
access-control-allow-methods: GET
content-type: application/wasm
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=2592000, public
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, API-Key, Authorization, X-Test
x-amz-cf-id: IqU2qfsepnvJsgt9f-PpZSBBJhljS6SUkfgCWvdjE_5RY9lRwTWcCw==

GET
H2 200 joystick-150-coffee.gif
turbo.freevideogames.org/core-images/preloaders/ 26 KB
27 KB 27ms
27ms Image
image/gif 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/preloaders/joystick-150-coffee.gif
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 0825718379f6291527eecb7e537b77731565ef22a7d765ccab6b5f3b84f1aefe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 05:59:26 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:51 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 225167
etag: "63dece4f-69f8"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 27128
x-amz-cf-id: MN6cQ0IkR3Rs7hZQquxG-xsGkK8pHQ4y2GzmIEgYC8jnvZjoRotfhw==

GET
H2 200 core-game-site.css
turbo.freevideogames.org/includes/css/ 2 KB
1 KB 133ms
40ms Stylesheet
text/css 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/css/core-game-site.css
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 826a7756a221800c8fd01a0020f6d30fa55094508824e5ae2655607da9ac11c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:49:06 GMT
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Thu, 09 Feb 2023 08:06:17 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 38633
etag: W/"63e4a979-930"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400, public
x-amz-cf-id: IX-d2bJ3OyamFSf0WNoFOdbGzzLqWutvEcoPQx9mI-hrY5wpduvEMA==

GET
H2 200 side-navigation.css
turbo.freevideogames.org/includes/css/ 5 KB
2 KB 116ms
23ms Stylesheet
text/css 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/css/side-navigation.css
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 379d8ccba85a4bcb915732fc38f0ebad3dffee33bd491ca3ccd596e2b409fa96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:00:23 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Thu, 09 Feb 2023 08:09:23 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 45137
etag: W/"63e4aa33-147d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400, public
x-amz-cf-id: fCX3b5MWz942huvD6QL_CtKQqiR4gXqFK93n9qr3MBawOrNEDE2Z5A==

GET
H2 200 space-invaders.css
turbo.freevideogames.org/includes/css/ 921 B
793 B 116ms
24ms Stylesheet
text/css 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/css/space-invaders.css
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 666b884f4fb206c53ff09d031aa01ceaa7f93aa9771829f805a52141c7231946

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 10:04:09 GMT
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 37684
x-cache: Hit from cloudfront
content-length: 397
last-modified: Thu, 09 Feb 2023 08:10:06 GMT
server: nginx
x-accel-version: 0.01
etag: "399-5f43fe89f0acf-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400, public
accept-ranges: bytes
x-amz-cf-id: zcbqYe-eC9C7dPRb9Te6VGOLp1XiCsJfE4Y9q3RQLPq6WHeyn0yuMQ==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 82ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 20:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 20:31:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 20:32:13 GMT

GET
H2 200 core-game-site.js Show response
turbo.freevideogames.org/includes/js/ 2 KB
942 B 117ms
27ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/core-game-site.js
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 649c094eb6461a9878a8b3829feab05b79ed377cb1b013d78821f73137bb1032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:17:46 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:11 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 44070
etag: W/"63dece63-6de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: DGMjirShn1PUbil_bQ-VHyl_V-Vph8DvMnIYyOmU9YsDbwhDLK8llA==

GET
H2 200 screenfull.min.js Show response
turbo.freevideogames.org/includes/js/ 2 KB
1 KB 117ms
28ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/screenfull.min.js
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 6e437f29404be18f3b897841069656b93d962cb0f8834a2127a0d7d6c34e8801

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 08:00:23 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:21 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 45137
etag: W/"63dece6d-8ac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: RGGgKpqhSSC-fu2JTgM0DD3MlhJpf04em0R-oSNMuVS3D7kv2vqgXA==

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 397ms
35ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

169-150-247-37.bunnyinfra.net

Software

BunnyCDN-DE1-1080 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 1081
cdn-cachedat: 11/20/2023 13:41:14
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: b98496b1b8e9b3bd84c1a6b126f286cc
cdn-requestcountrycode: NL
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 full-screen-game-icon-40.png
turbo.freevideogames.org/core-images/ 2 KB
3 KB 24ms
23ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/full-screen-game-icon-40.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: f7bed3cfc538630a135869b12023a6f52035ce9cabc53e7c11c4f5214db4c24b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:14:43 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:40 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 220650
etag: "63dece44-9e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2537
x-amz-cf-id: lRYJeqmnMdIrZ4JKrlMw7jZoqUcxo8YLIZjAaeNVXvbtNRo7SjuBjg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 255ms
73ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7437598866529614

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c7f71548bd918ef86f55f44cc4f6c5a8aa67e26934f525c41975b8391194a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Origin: https://freeinvaders.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52719
x-xss-protection: 0
server: cafe
etag: 10396683162899020404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 20:32:14 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 751ms
49ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:14 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 27 Nov 2023 20:32:14 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 18 KB
19 KB 532ms
317ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://freeinvaders.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 01:43:43 GMT
x-content-type-options: nosniff
age: 240511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:36:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 01:43:43 GMT

GET
H2 200 pacman-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 17 KB
17 KB 28ms
25ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/pacman-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: a2e0a32677080d6ca33ca1507c1a778c6bf10603789dd38c7c6ff3e411c1ed65

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 14:16:18 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:46 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 475476
etag: "63dece4a-43d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 17365
x-amz-cf-id: 3F2n9P9JzeKkVMIXfnmSfeARWpYcgFtVvSqNj0JPpsOn8NBFtYyV9w==

GET
H2 200 frogger-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 13 KB
13 KB 30ms
28ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/frogger-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8a8fc20889cb16f01ba57c6f6e95b21dd73823ca2a6b960541cd9ca414d4481

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 04:26:09 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 144447
etag: "63dece46-32b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 12981
x-amz-cf-id: WcfE_64OjCkmTxfGccnuLfCmU2kC8zZ04Wium2R0547Y-EBsdNN3AA==

GET
H2 200 pong-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 9 KB
9 KB 32ms
31ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/pong-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 7e7aef2060d698f0a2901b57ab78d2cd6c40d14c43c27a74944b564a10e7b915

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 04:17:57 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:46 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 144999
etag: "63dece4a-23d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 9177
x-amz-cf-id: gNHOC5V-3v-srNvS1-Qra99sopnAFPBMExsX6sYgYsW1pNleHWk0Dw==

GET
H2 200 asteroids-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 13 KB
14 KB 35ms
33ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/asteroids-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b9fcd8385754d1e77f9056225393eeff588c13ebb1d029512be01ab2691f79db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 15:33:08 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 536346
etag: "63dece46-3597"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13719
x-amz-cf-id: EF3HArGfW1B2uzAN1ilmY8_VrCyGLID8708H7pNf3xdC0NRM30hFwg==

GET
H2 200 jetpac-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 18 KB
18 KB 38ms
37ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/jetpac-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 57b026f050c06b692a8ace1022d5fcba16e334909ee8505479463e6845e63dfd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 07:59:55 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:44 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 131716
etag: "63dece48-47f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 18420
x-amz-cf-id: NfDz6-iM6fTwmwfNhfKoo4PE1IbmtyAW3jpAiLUDAn59JLDem25NaA==

GET
H2 200 donkey-kong-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 24 KB
24 KB 42ms
41ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/donkey-kong-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: bb1b26d0f69989cd4e4be36debf168dbba3235fe46d2bbac58530cd2f46f676c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 10:53:04 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 207550
etag: "63dece46-5fa0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 24480
x-amz-cf-id: Q_Jxuk5bjkrY9ym2NQG0HUBxXbXfVOED_H-F99W8FxXE-pRnNr1k5Q==

GET
H2 200 flappy-bird-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 19 KB
19 KB 66ms
65ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/flappy-bird-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1c3cffef6d2de3a2a6563cd1507dda400a80ac4e12559f7d8d9ac3efd454ddb9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 09:04:58 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 214036
etag: "63dece46-4a4e"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 19022
x-amz-cf-id: dlT7Q67SQt_7Z5y9DeD5PfW63ADE4MMErnsdPLMug8_u1xR-rn64tA==

GET
H2 200 fishy-game-logo-180.png
turbo.freevideogames.org/core-images/menu/ 5 KB
6 KB 66ms
66ms Image
image/png 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo.freevideogames.org/core-images/menu/fishy-game-logo-180.png
Requested by: Host: freeinvaders.org
URL: https://freeinvaders.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1fb8b060d7990d2753821dec588ee908183914bf5ea3a5d75f79bc0f4273f28e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:13:47 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:29:42 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 281907
etag: "63dece46-1570"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 5488
x-amz-cf-id: C1swpkq-Xm8UW96rLEI_9MJcKO3edHb5vhebIWBeoU55HsnsZ2gRaQ==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 131ms
87ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7437598866529614&plah=freeinvaders.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7437598866529614

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bf29153d5726d30829d9015e2809584d27357271d06eec6d7d6f50b30b1630a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138526
x-xss-protection: 0
server: cafe
etag: 8286798992872563215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 20:32:14 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 6542 9 KB
4 KB 367ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7437598866529614

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 81294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 21:57:20 GMT
etag: 16674218716276178799
expires: Sun, 03 Dec 2023 21:57:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 event Show response
plausible.io/api/ 2 B
500 B 180ms
83ms XHR
text/plain 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://freeinvaders.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Nov 2023 20:32:14 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 11/20/2023 20:32:14
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F5lu9WG7tInoeeQbmdAC
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: a160731f0d9c820f6192e1e16355ae95
cdn-requestcountrycode: NL
cdn-requestpullsuccess: True

GET
H2 200 ruffle.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ Frame 6542 66 KB
19 KB 25ms
25ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Requested by: Host: turbo.freevideogames.org
URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:11:18 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40885
etag: W/"63dece6a-10829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: bVBwXGzSW-t6EvCNURrTAxxpuyM-6urRj60DDrJJ54QCgzC0h0oPaQ==

GET
H2 200 rules-p-dcDW296DRz9Bc.js Show response
rules.quantcount.com/ 160 B
641 B 114ms
22ms Script
application/javascript 2600:9000:223c:c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-dcDW296DRz9Bc.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9edb8a16c38ee2bbd3dbdbdfef2db96af6ea95fba3669c5ca6e5740ef0efdaf2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:57 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:21:04 GMT
server: AmazonS3
etag: "bc33be8c08e7f651d56cf30735a00c7c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: _J1ovl0_ljOsq90QTY1ckZzc4ptyQH6CZTmsJHsIOaFHs5GELm8uhQ==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 566B 189 KB
52 KB 876ms
875ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&adk=1812271804&adf=3025194257&lmt=1700512334&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334357&bpp=2&bdt=524&idt=426&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1935581822378&frm=20&pv=2&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=445

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7437598866529614&plah=freeinvaders.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d02fa8af36993e180e467f2170738c4f6f4daae8d3aa6b793db0e80fb71c24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 53218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 20:32:15 GMT
expires: Mon, 20 Nov 2023 20:32:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=full-page-container&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 63ms
62ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=side-navigation&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0C2 93 KB
43 KB 1338ms
1338ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=8642003316&adk=2244860935&adf=2783646740&pi=t.ma~as.8642003316&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334359&bpp=2&bdt=526&idt=455&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=459

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b862d058ccd28c2d10b6696f6bceb8682ddace5d9f129681bc3e355fb4c77db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 20:32:16 GMT
expires: Mon, 20 Nov 2023 20:32:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F05 93 KB
43 KB 1492ms
1492ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=6441724690&adk=3795804311&adf=3224686418&pi=t.ma~as.6441724690&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334361&bpp=1&bdt=528&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1295&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=467

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ebd2847b4a8130f4955fbbcb921a9b97981dc6f574bf2d64e6626f5061f3e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 20:32:16 GMT
expires: Mon, 20 Nov 2023 20:32:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1496233567;rf=0;a=p-dcDW296DRz9Bc;url=https%3A%2F%2Ffreeinvaders.org%2F;uht=2;fpan=1;fpa=P0-1535856597-1700512334775;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=freein...
pixel.quantserve.com/ 35 B
371 B 271ms
253ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1496233567;rf=0;a=p-dcDW296DRz9Bc;url=https%3A%2F%2Ffreeinvaders.org%2F;uht=2;fpan=1;fpa=P0-1535856597-1700512334775;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=freeinvaders.org;dst=1;et=1700512334893;tzo=-60;ogl=type.website%2Curl.https%3A%2F%2Ffreeinvaders%252Eorg%2Csite_name.FreeInvaders%252Eorg%2Ctitle.Free%20Invaders%2Cdescription.Play%20the%20classic%20Space%20Invaders%20game%20online%252E%20No%20fuss%252E%20100%25%20free%252E%2Cimage.https%3A%2F%2Ffreeinvaders%252Eorg%2Fimages%2Fspace-invaders-game-card%252Epng;ses=c0e2b5d5-c56a-4469-9185-f5288d76b2ca;mdl=

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ruffle.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ Frame 566B 66 KB
19 KB 23ms
22ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Requested by: Host: turbo.freevideogames.org
URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:11:18 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40885
etag: W/"63dece6a-10829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: XgXBUYYRABmQF_t7J1qGAA1tJvqr6EWVwLnJQkhVklZ2bubsWJFv-Q==

GET
H2 200 ruffle.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ Frame A0C2 66 KB
19 KB 23ms
23ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Requested by: Host: turbo.freevideogames.org
URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:11:18 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40885
etag: W/"63dece6a-10829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: mVzdET2b5pJL0lJlJ-6oa04jCUxK5HmP4BUa3JHqvnBB1BbAWnQAnQ==

GET
H2 200 ruffle.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ Frame 0F05 66 KB
19 KB 23ms
22ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Requested by: Host: turbo.freevideogames.org
URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:11:18 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40885
etag: W/"63dece6a-10829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: ZZG6Iu7hptWwmhXQqXubiva_GhEGNg1yOQ5CUQN3wsxRHn_pIrt7Cw==

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f11d0c3495824f12218ddabf0f7465d2b8a71a30acdae8194d57b349a314025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55796
x-xss-protection: 0
server: cafe
etag: 4569409320693822617
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 20:32:16 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0C2 42 B
63 B 60ms
59ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DdSPGOpV4xDkJ8zanleAh4xb-RluSYOwxTVtlytlLIcfAER7r9OSfDQXpPJ9Oz9h3IIu-Xt9Aisqp-_yaS_yM7uDm2w6HzIDgFob_m5LkpexSdOWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=8642003316&adk=2244860935&adf=2783646740&pi=t.ma~as.8642003316&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334359&bpp=2&bdt=526&idt=455&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=459

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A610 624 B
246 B 64ms
63ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNVElNb2JefbaSEcai8KRKChu8o7hSDloNii5DmCKa2mpBkU4RCZE09ufvyGJFpp-XGh0QBvjKmOW-2gp214ywJbGBr7hvZyIe4P_wN-Ab_VY-2FBep8nJaoSbk07GeSdrT47eA9qFkrXeT6Hh1aGDDnY0uV_7fkGJdXYsLoiBPD4YLRz9I

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=8642003316&adk=2244860935&adf=2783646740&pi=t.ma~as.8642003316&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334359&bpp=2&bdt=526&idt=455&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=459
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 20:32:16 GMT
expires: Mon, 20 Nov 2023 20:32:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A610
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

43 B
771 B

48ms
48ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNVElNb2JefbaSEcai8KRKChu8o7hSDloNii5DmCKa2mpBkU4RCZE09ufvyGJFpp-XGh0QBvjKmOW-2gp214ywJbGBr7hvZyIe4P_wN-Ab_VY-2FBep8nJaoSbk07GeSdrT47eA9qFkrXeT6Hh1aGDDnY0uV_7fkGJdXYsLoiBPD4YLRz9I
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Lc0NTeT%2F3rVnN7H%2BMGeJJ0Z3AIkbJsyMQzIayDSDxBQP5uui67e8gh1k%2BW5ODRnH2eI530B0jAd%2FL8Wp%2Bj%2FO8HRAgOso6d1NoyDeBYrSK3meIG9AFKYfwErP1JzoD6HdR9admMKiHeewA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82937616cc770bab-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A610
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVvCUK7kgzlAQie3NGtuJAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

43 B
734 B

77ms
76ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNVElNb2JefbaSEcai8KRKChu8o7hSDloNii5DmCKa2mpBkU4RCZE09ufvyGJFpp-XGh0QBvjKmOW-2gp214ywJbGBr7hvZyIe4P_wN-Ab_VY-2FBep8nJaoSbk07GeSdrT47eA9qFkrXeT6Hh1aGDDnY0uV_7fkGJdXYsLoiBPD4YLRz9I
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FvK3mB3UNco9NaNcEjQ%2FkrgXZKM%2FXqth%2BRicW5P9IdpbHlwJyfhojW5Ca7ATbOQvr3I3KEvxm8S2TGJZPuC6d71wuiS7pEEcjdB2KQU2ztogmrjoJiKF3cMAXWcd4D2Y23e%2FRK1xLAVUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82937616fcc30bab-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A610
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1

43 B
836 B

47ms
47ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNVElNb2JefbaSEcai8KRKChu8o7hSDloNii5DmCKa2mpBkU4RCZE09ufvyGJFpp-XGh0QBvjKmOW-2gp214ywJbGBr7hvZyIe4P_wN-Ab_VY-2FBep8nJaoSbk07GeSdrT47eA9qFkrXeT6Hh1aGDDnY0uV_7fkGJdXYsLoiBPD4YLRz9I

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
an-x-request-uuid: 8ef44ba0-6197-4a81-8ee7-947c7650061a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.95.232; 95.211.95.232; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A610
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz

170 B
243 B

39ms
39ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
an-x-request-uuid: c157ce4c-ad5a-4617-8e33-79694053a4e8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz
x-proxy-origin: 95.211.95.232; 95.211.95.232; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A0C2 23 KB
9 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 20:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 20:50:18 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame A0C2 7 KB
3 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:55:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame A0C2 0
0 158ms
70ms Fetch
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuAtVC1_fql3CXGSt74fWb_ALn5S3Q_kVz6aoj02bS_THDi3VhSZtvpW0AUCJVDikPD3fTE7af28-wDnwwwT4-Tiq36qoolcxc8mWiNKruk2NMvffjhZ0di6kXLBQvdvomJJGNWPKDJURYC5iexIthgRIo78EWc3ZMpRPT3-siSv3IDl2q595OLOhUzvkaAF2XxDjBPmyVrKBvDSKK7mTpqoF4ncwbJ4qhv5otgPLu9wwRic63QC5JqDkPG37W-VU8AwXUlbZNfCZ8iilAmdaMCd-ToDFIq1HFQIwADcbhxUxyi-e81xpNrf1whm239SHkJfnNNfJXnTqOe8k_GZv3NmNfStTirdISMYJpHrgguiIW03ZqXInBtrfUGlmQvPJbUCrHp7R1Xr7hV05sbnhGVYWL_V2KzLPc3kbKX_bZyYDseBw0FEgaS_v4G9kU7j3jSsUyKNCTYo8BfexPrRu8bSQmuSOdP_D_eqkw6ZmgcCVK3EQ_iRIgmnWsO8vRNud_XoEZspr3rEB9NTsXApFSyZz0hbrEtdZM7WS17WIn376N5VHHxFvWCS7rdUpR0A4J-f_uIwm8sBEWxrWrh8o45AeQ7j_dU9kZRdV8BV79eRRyrrmvyEiGH-uffgEBGB8CAEofYGxR_tIbv4YG42j61u4-9vs1CXUEOjMJMrYeo4DAdKZvr0cqVu0_7-y6-W_AYtiM_CkUB4YuuzFh4p1H_KMUIFoG-cCsxqLNk8rDwzM9CmQ3QHlwBkaqbrP1w2CDElSAzzDFpMF49Z2pmTJHb0T2ApJWkuSMwKfW22gmkQdZmYk1wtLcgkUGFP-XDFwSoUnDbIRMCMz8uIFRWXO_a_S5kg7nNAuGGFxKcHF0qqugFafjGaiVN1KFtiRQzQe0Mc4zO89RJLkdqyRfzSA31BOYB1y7qDou-kcUjjM9zADFPNzsy45JC3_Q1z0Dg237wzE551Rq3bOXaO9e92rMyDOrv6ZKa8L3Q5vXgTtPIolcKinIW2vopvgVllmPdbJVyn2Z7qI8GKr8fDzs2ebqBdOvIEnUeza-Y9hXuwj-BO_FU5FDKzNig3G5WIYPJpis4VcGDj5se_wW7dVkLgA9JYpNxgLYCogbRvhU8lAWGz9OybJk2e-dbOW_UYxcnG9caz9K_CoLWayU-SIsnXbA7tliDNAGE4vOt9CCwWwbbpL0ZTHM3qKDU-S5H0hfL7yvEfJy3MtVC-NpBYZ2DYnEp627-HyRPGufrC7bFb2MFnHXO6NE3UAjpcjt9z269d-w1cmovjzmEb9w&sai=AMfl-YT6MjdBAMvGHT7eOxX98awGRelInFCDP_PpkU2tPgxLPbpW3NTC1dxGBHeikXw6x7OCcwzs3dTvlZALUWO9qPqntpypOc3wdPGsW0s9We1sehiAUwzMm8T1WCXOlQu2poB8dEDI5jszCU2a5r4rJJI_dYbfaNTCq7aGJpTLx4PAtzDer4UStH0Rxivk639rZ-xUx3oaN3kNLsokEYwjBlf9_YXjHjilJYLrS2zLg1ekK730pemReFnzWsYuOLynyDlbr5gB4CCnRsVCDFMR9cdkEHjS1F98_t-zABjxUSX27UsSyaZY5tGAOpIQ4uw7GDAhrQIoNQREvx--UmrLQF_i5_bhkU4vyygjmMGTUHT_7ynVkImXyjMa9dDURAlj-3JWVwEd1Q2rTdvyyiXmRwQOF3vYNByVN3ysHz3CTLfw4sPFiBuJi69FiFiSMDZBjrExTdZCRbcabPRcZcJJem2b08vQm5svM1Cxi-VzjtAn4YK0pTTTExP0aXBgTocACZ6kbGzsjq5Z&sig=Cg0ArKJSzF3cs1HGZUm6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20231109.00032&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Nov 2023 20:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A0C2 41 KB
14 KB 505ms
199ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 22:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 22:54:10 GMT

GET
H2 200 1774839274844005435
s0.2mdn.net/simgad/ Frame A0C2 23 KB
24 KB 370ms
23ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1774839274844005435

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6736490fb123228d794753afcb29a63ceeb824a40c11218f1465ef08b897e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 07:24:50 GMT
x-content-type-options: nosniff
age: 47246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23634
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 07:24:50 GMT

GET
H2 200 beacon
tag.researchnow.com/t/ Frame A0C2 42 B
433 B 105ms
23ms Image
image/gif 18.66.147.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288231&adn=3&ca=29702965&si=3554638&pl=364450340&cr=190488259&did=ADID&ord=3667466293&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=8642003316&adk=2244860935&adf=2783646740&pi=t.ma~as.8642003316&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334359&bpp=2&bdt=526&idt=455&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=5&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=459
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-91.fra60.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:31:43 GMT
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: FRA60-P4
age: 33
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: tEP01aYcCXGcIOnRQQ6OqsO10KlHbo7AFQ_LvlSXaeo3hhQ4dFAoaA==
expires: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F05 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AaUoJRsnB3LBHeAk4tYOkFlpyZ53pLPyZssgArfLsN-_HWYMH-aHbgXqW-Iu-ALD8kRVYQf6SGMZVtWiV1BEyFRyoPEsI8aKAhhlrLY7KS-djWonU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=6441724690&adk=3795804311&adf=3224686418&pi=t.ma~as.6441724690&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334361&bpp=1&bdt=528&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1295&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=467

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A0C2 3 KB
1 KB 527ms
239ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 18:49:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A0C2 20 KB
8 KB 529ms
241ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0C2 202 KB
64 KB 542ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 20:32:16 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC49 624 B
245 B 99ms
98ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNXUXAHudpLHsCv_m3RDa9LBJf4A-FH2whgreOPO2ph48VC-NafAIzP6KNLHGbtcuViSFqxj_P09SABH73o78_mwdPXQtsKKP3TQMdzDSD8tE2ROohzsHp6rKEpWnX2apbvXn3WEee3KkcXk49VOMqB-moGldStwuavoIFMo7o0eeqK1Brw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=6441724690&adk=3795804311&adf=3224686418&pi=t.ma~as.6441724690&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334361&bpp=1&bdt=528&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1295&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=467
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 20:32:16 GMT
expires: Mon, 20 Nov 2023 20:32:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 81BC 9 KB
4 KB 24ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 85319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 20:50:17 GMT
etag: 16674218716276178799
expires: Sun, 03 Dec 2023 20:50:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 81BC 4 KB
767 B 732ms
732ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 20:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 19:49:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 20:32:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 81BC 205 B
296 B 373ms
24ms Image
image/png 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 08:09:01 GMT
x-content-type-options: nosniff
age: 217395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Nov 2024 08:09:01 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 81BC 604 B
1 KB 372ms
23ms Image
image/png 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:28:27 GMT
x-content-type-options: nosniff
age: 205429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Nov 2024 11:28:27 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 81BC 15 KB
7 KB 307ms
77ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 19:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2986
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 19:42:30 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 81BC 21 KB
9 KB 427ms
198ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 17:53:08 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DC49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

43 B
734 B

48ms
47ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNXUXAHudpLHsCv_m3RDa9LBJf4A-FH2whgreOPO2ph48VC-NafAIzP6KNLHGbtcuViSFqxj_P09SABH73o78_mwdPXQtsKKP3TQMdzDSD8tE2ROohzsHp6rKEpWnX2apbvXn3WEee3KkcXk49VOMqB-moGldStwuavoIFMo7o0eeqK1Brw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ha2Z1QYII6AdMXhBp1vbhZOS4%2BTi9czd1JMMa9SMdaav7aXrH1%2BlxdvUPNPjLy6UJdPbA4vs05vndUrLMyXVZqp1vRRRvJq6RXZPIuDmv%2FIHK8xVA4GCrQY1IO6K9pVFTxeztnEj9NHkxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829376172d0f0bab-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DC49
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVvCUK7kgzlAQie3NGtuJAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1

43 B
731 B

42ms
42ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNXUXAHudpLHsCv_m3RDa9LBJf4A-FH2whgreOPO2ph48VC-NafAIzP6KNLHGbtcuViSFqxj_P09SABH73o78_mwdPXQtsKKP3TQMdzDSD8tE2ROohzsHp6rKEpWnX2apbvXn3WEee3KkcXk49VOMqB-moGldStwuavoIFMo7o0eeqK1Brw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfxt1yCid04lvjjfNOtFVxRTJo5mOzPMNkLbXCFHIQfOXsLA8rwUa3AOmwZbptqbNM6Tcm1bevw68xh8XPId86O70o2aR%2BaYlq8HhRtHwlCZKy2UfN3tM8T%2F8G7r2saPq9ISOq%2F84x4Ycw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 829376177d790bab-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ2IzohltH78Oz8CZFP5NqA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame DC49
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1

43 B
837 B

29ms
28ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGIamv-YBMAE&v=APEucNXUXAHudpLHsCv_m3RDa9LBJf4A-FH2whgreOPO2ph48VC-NafAIzP6KNLHGbtcuViSFqxj_P09SABH73o78_mwdPXQtsKKP3TQMdzDSD8tE2ROohzsHp6rKEpWnX2apbvXn3WEee3KkcXk49VOMqB-moGldStwuavoIFMo7o0eeqK1Brw

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
an-x-request-uuid: c8c789d2-96c7-4b80-9d83-63537b97d577
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 95.211.95.232; 95.211.95.232; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFmQYCpvjb0Tgk-geBsVIFA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DC49
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz

170 B
232 B

40ms
40ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:16 GMT
an-x-request-uuid: 73af5c42-c67e-4329-af64-35dc58bd3e3f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODMxODkxMzYzNjc5MDU1MDIz
x-proxy-origin: 95.211.95.232; 95.211.95.232; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 1774839274844005435
s0.2mdn.net/simgad/ Frame 0F05 23 KB
23 KB 261ms
196ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1774839274844005435

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6736490fb123228d794753afcb29a63ceeb824a40c11218f1465ef08b897e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 07:24:50 GMT
x-content-type-options: nosniff
age: 47246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23634
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 07:24:50 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0F05 23 KB
9 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 20:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 20:50:18 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 0F05 7 KB
3 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12978
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 16:55:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 0F05 0
0 74ms
72ms Fetch
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstm_fEqE8vkTm1ppmsw7PmnxsBcfpSFqnICe4qHwWGrkkMIB5QUb2gVAJ9uYgVoZt--R-ASHgEcOxN8R2vremy072FN-0lgTzhFFfT8JCvmONJ5eE6ZwYtDkjmTC5c6Hb_nIvXseS4qZyI9M6FyZ6Fj85MOJ13nvcPpxfdUEJFUHgJ693bXjB3tbl4Q8XjvqGts0n67-vu-b6Vzlr9IYxA75SURukCrxORJ087nNl76idFWcy9fV90-VUR41SJGXX23yNFhhkcxS2meYgXAzkergl3ly2Do8AbcA3bTkFWH4vYRwZgasWeuB19iOQ9Min_ReHCXXsBuQzYkLm1dfu5SKTXSq2H8O13ocf4Il30PVNcWDpgZBWu6SbCK1BATlfycoRrQv_rovjX59YDK3zV0lXHG5pxH7T3CUIkygNGwDQt3FvljXvd6xj60ptwacPP0gKwzXNZ7d_8qH29eFt1uwvgq3ePw7w9Rkw2Y1sP7K4ID5meLdwuar9RIHR6WWClleT2PkxtwLAflZvMZ88rW-5V3cgXX4ROCIaY_9MepZxkKAVZXG7RmCltBB9c_dwJiZnvz48VDd-CbKSI_-HeAWw8RmXInU54rmE55A_AkXSdC_c4YwF8DOmgvZXPwZVRU8NAXzdSJOXlu1w38KR2fW6ANlRccuuOaP-RfvdjT3NYPAX_Xe_g5TszgknURm7VF2WWPh35tFLKF2Olm2jlY9po_tITrxKrjwrQ8tMEKRpwFw2mLrvbjAYWsVqukvrTFwB4y-Me9FxdvpBbJxTJG2qFOEzSgz7Q3g1GdmLd3P5AyocJKdFuWvyVW_7Zr_tEdej7h6jvAoVPJdwH_aa0aAhOx1WIZQGlSYyPTXyQckV__Svvwx61QxeflxgifiNno1h4A3UjNqNlOxh5CI7FyrjAmqZKhltxZyDwjY0QoGQggEXavOokAORjLq7o4yvH6-fsf8fEJwfwdd8drkk0m55EB2ChZfY7Dhr6wo1f92nlRJ_NDQ9yHN2HZpAQbz7Jhw5MrICXGLd6J2qedKJRLvuOqopxB39Z2bJcHbX-jGHdoGUlWXsP-HRz2gLdkU4MO8M5ldXBdw4GdqXk4PsTYTmfgNuwAk-_BTC9WSs0RB9o5IgoPU8ysk94lCWoUceqGQL0aggKt_r350I7_lCdpyi2FsNa4PSyF1H0THPnWmXMUxOM3Pcg837S8rUWdPYt5DNZDhWSxJV6PQjYkqurcTv8s5uoUZdjhIdnLAg7nLc3j8qXN-lLBywMbcTLEU4EJlXDF8rEekAo&sai=AMfl-YRpJ3pkN2Lg6yrc5Uw0WJTuCXZa9Vilo8AdVvURPOkLJyKSTwuUChCCABqkcEKmCcBd-LTPudt9cSt5cUS1Tyg6o77S8PlFx4mmADHdHddq3ZrwkaSWFNgd5zlThZMEUFeU-TOU5-vmWa7DoUl0rlT4YjvcQtMxVGfnE-EoAoCPGu_bYpLqyxWQgCqVlg2ddG0UXCl_VYaPf3jjuYJ0sWFvg2FlsdxIAn8MhRS-M3ksb1T1IMSUul70eor9IuvkyD7-SOEfvSlO-nE8MEJqYblRzSiHP4y1sg9y-LiFfmNH3c96FyL4tNl3bODPQfDSig2dvfM5HheqnJqNuBwTfUvzq_tNCUGmWXZcaHpO-gXBQaKZc-AJ8u59BkosJuehaRc6TRyakh9J4rBORzYPMMSp9rwNDWDw7PmBIKrvBOIMzlxWKXcTnKa4IZc4Zml9AI72saaGZTBz7S2YIg9po80mu8k-VpfwnbzoF0YEXb6KRGb95wEF5D177oVJmYdmXIO0Hw&sig=Cg0ArKJSzOJZrJles8KrEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231109.38049&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 20 Nov 2023 20:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0F05 41 KB
14 KB 257ms
240ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 22:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 22:54:10 GMT

GET
H2 200 beacon
tag.researchnow.com/t/ Frame 0F05 42 B
433 B 27ms
27ms Image
image/gif 18.66.147.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288231&adn=3&ca=29702965&si=3554638&pl=364450340&cr=190488259&did=ADID&ord=2279187574&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7437598866529614&output=html&h=600&slotname=6441724690&adk=3795804311&adf=3224686418&pi=t.ma~as.6441724690&w=300&fwrn=4&fwrnh=100&lmt=1700512334&rafmt=1&format=300x600&url=https%3A%2F%2Ffreeinvaders.org%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700512334361&bpp=1&bdt=528&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=1935581822378&frm=20&pv=1&ga_vid=1558642952.1700512335&ga_sid=1700512335&ga_hid=911902459&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1295&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079629%2C31078301%2C44807764%2C44808149%2C44808285%2C44809053&oid=2&pvsid=1751689554796356&tmod=962098543&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=467
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-91.fra60.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:31:43 GMT
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: FRA60-P4
age: 33
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: U7IaZCKuVtPjcIFGnw-AzMtwe18P7JuFCyQycPo-U0gdAmud83RlVA==
expires: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0F05 3 KB
1 KB 253ms
240ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 18:49:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0F05 20 KB
8 KB 255ms
242ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F05 202 KB
64 KB 493ms
259ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 20:32:16 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame A0C2 0
0 66ms
64ms Fetch
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuAtVC1_fql3CXGSt74fWb_ALn5S3Q_kVz6aoj02bS_THDi3VhSZtvpW0AUCJVDikPD3fTE7af28-wDnwwwT4-Tiq36qoolcxc8mWiNKruk2NMvffjhZ0di6kXLBQvdvomJJGNWPKDJURYC5iexIthgRIo78EWc3ZMpRPT3-siSv3IDl2q595OLOhUzvkaAF2XxDjBPmyVrKBvDSKK7mTpqoF4ncwbJ4qhv5otgPLu9wwRic63QC5JqDkPG37W-VU8AwXUlbZNfCZ8iilAmdaMCd-ToDFIq1HFQIwADcbhxUxyi-e81xpNrf1whm239SHkJfnNNfJXnTqOe8k_GZv3NmNfStTirdISMYJpHrgguiIW03ZqXInBtrfUGlmQvPJbUCrHp7R1Xr7hV05sbnhGVYWL_V2KzLPc3kbKX_bZyYDseBw0FEgaS_v4G9kU7j3jSsUyKNCTYo8BfexPrRu8bSQmuSOdP_D_eqkw6ZmgcCVK3EQ_iRIgmnWsO8vRNud_XoEZspr3rEB9NTsXApFSyZz0hbrEtdZM7WS17WIn376N5VHHxFvWCS7rdUpR0A4J-f_uIwm8sBEWxrWrh8o45AeQ7j_dU9kZRdV8BV79eRRyrrmvyEiGH-uffgEBGB8CAEofYGxR_tIbv4YG42j61u4-9vs1CXUEOjMJMrYeo4DAdKZvr0cqVu0_7-y6-W_AYtiM_CkUB4YuuzFh4p1H_KMUIFoG-cCsxqLNk8rDwzM9CmQ3QHlwBkaqbrP1w2CDElSAzzDFpMF49Z2pmTJHb0T2ApJWkuSMwKfW22gmkQdZmYk1wtLcgkUGFP-XDFwSoUnDbIRMCMz8uIFRWXO_a_S5kg7nNAuGGFxKcHF0qqugFafjGaiVN1KFtiRQzQe0Mc4zO89RJLkdqyRfzSA31BOYB1y7qDou-kcUjjM9zADFPNzsy45JC3_Q1z0Dg237wzE551Rq3bOXaO9e92rMyDOrv6ZKa8L3Q5vXgTtPIolcKinIW2vopvgVllmPdbJVyn2Z7qI8GKr8fDzs2ebqBdOvIEnUeza-Y9hXuwj-BO_FU5FDKzNig3G5WIYPJpis4VcGDj5se_wW7dVkLgA9JYpNxgLYCogbRvhU8lAWGz9OybJk2e-dbOW_UYxcnG9caz9K_CoLWayU-SIsnXbA7tliDNAGE4vOt9CCwWwbbpL0ZTHM3qKDU-S5H0hfL7yvEfJy3MtVC-NpBYZ2DYnEp627-HyRPGufrC7bFb2MFnHXO6NE3UAjpcjt9z269d-w1cmovjzmEb9w&sai=AMfl-YT6MjdBAMvGHT7eOxX98awGRelInFCDP_PpkU2tPgxLPbpW3NTC1dxGBHeikXw6x7OCcwzs3dTvlZALUWO9qPqntpypOc3wdPGsW0s9We1sehiAUwzMm8T1WCXOlQu2poB8dEDI5jszCU2a5r4rJJI_dYbfaNTCq7aGJpTLx4PAtzDer4UStH0Rxivk639rZ-xUx3oaN3kNLsokEYwjBlf9_YXjHjilJYLrS2zLg1ekK730pemReFnzWsYuOLynyDlbr5gB4CCnRsVCDFMR9cdkEHjS1F98_t-zABjxUSX27UsSyaZY5tGAOpIQ4uw7GDAhrQIoNQREvx--UmrLQF_i5_bhkU4vyygjmMGTUHT_7ynVkImXyjMa9dDURAlj-3JWVwEd1Q2rTdvyyiXmRwQOF3vYNByVN3ysHz3CTLfw4sPFiBuJi69FiFiSMDZBjrExTdZCRbcabPRcZcJJem2b08vQm5svM1Cxi-VzjtAn4YK0pTTTExP0aXBgTocACZ6kbGzsjq5Z&sig=Cg0ArKJSzF3cs1HGZUm6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=551&vt=11&dtpt=548&dett=2&cstd=0&cisv=r20231109.00032&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 21FF 38 KB
13 KB 32ms
31ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 366451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 0F05 0
0 61ms
60ms Fetch
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstm_fEqE8vkTm1ppmsw7PmnxsBcfpSFqnICe4qHwWGrkkMIB5QUb2gVAJ9uYgVoZt--R-ASHgEcOxN8R2vremy072FN-0lgTzhFFfT8JCvmONJ5eE6ZwYtDkjmTC5c6Hb_nIvXseS4qZyI9M6FyZ6Fj85MOJ13nvcPpxfdUEJFUHgJ693bXjB3tbl4Q8XjvqGts0n67-vu-b6Vzlr9IYxA75SURukCrxORJ087nNl76idFWcy9fV90-VUR41SJGXX23yNFhhkcxS2meYgXAzkergl3ly2Do8AbcA3bTkFWH4vYRwZgasWeuB19iOQ9Min_ReHCXXsBuQzYkLm1dfu5SKTXSq2H8O13ocf4Il30PVNcWDpgZBWu6SbCK1BATlfycoRrQv_rovjX59YDK3zV0lXHG5pxH7T3CUIkygNGwDQt3FvljXvd6xj60ptwacPP0gKwzXNZ7d_8qH29eFt1uwvgq3ePw7w9Rkw2Y1sP7K4ID5meLdwuar9RIHR6WWClleT2PkxtwLAflZvMZ88rW-5V3cgXX4ROCIaY_9MepZxkKAVZXG7RmCltBB9c_dwJiZnvz48VDd-CbKSI_-HeAWw8RmXInU54rmE55A_AkXSdC_c4YwF8DOmgvZXPwZVRU8NAXzdSJOXlu1w38KR2fW6ANlRccuuOaP-RfvdjT3NYPAX_Xe_g5TszgknURm7VF2WWPh35tFLKF2Olm2jlY9po_tITrxKrjwrQ8tMEKRpwFw2mLrvbjAYWsVqukvrTFwB4y-Me9FxdvpBbJxTJG2qFOEzSgz7Q3g1GdmLd3P5AyocJKdFuWvyVW_7Zr_tEdej7h6jvAoVPJdwH_aa0aAhOx1WIZQGlSYyPTXyQckV__Svvwx61QxeflxgifiNno1h4A3UjNqNlOxh5CI7FyrjAmqZKhltxZyDwjY0QoGQggEXavOokAORjLq7o4yvH6-fsf8fEJwfwdd8drkk0m55EB2ChZfY7Dhr6wo1f92nlRJ_NDQ9yHN2HZpAQbz7Jhw5MrICXGLd6J2qedKJRLvuOqopxB39Z2bJcHbX-jGHdoGUlWXsP-HRz2gLdkU4MO8M5ldXBdw4GdqXk4PsTYTmfgNuwAk-_BTC9WSs0RB9o5IgoPU8ysk94lCWoUceqGQL0aggKt_r350I7_lCdpyi2FsNa4PSyF1H0THPnWmXMUxOM3Pcg837S8rUWdPYt5DNZDhWSxJV6PQjYkqurcTv8s5uoUZdjhIdnLAg7nLc3j8qXN-lLBywMbcTLEU4EJlXDF8rEekAo&sai=AMfl-YRpJ3pkN2Lg6yrc5Uw0WJTuCXZa9Vilo8AdVvURPOkLJyKSTwuUChCCABqkcEKmCcBd-LTPudt9cSt5cUS1Tyg6o77S8PlFx4mmADHdHddq3ZrwkaSWFNgd5zlThZMEUFeU-TOU5-vmWa7DoUl0rlT4YjvcQtMxVGfnE-EoAoCPGu_bYpLqyxWQgCqVlg2ddG0UXCl_VYaPf3jjuYJ0sWFvg2FlsdxIAn8MhRS-M3ksb1T1IMSUul70eor9IuvkyD7-SOEfvSlO-nE8MEJqYblRzSiHP4y1sg9y-LiFfmNH3c96FyL4tNl3bODPQfDSig2dvfM5HheqnJqNuBwTfUvzq_tNCUGmWXZcaHpO-gXBQaKZc-AJ8u59BkosJuehaRc6TRyakh9J4rBORzYPMMSp9rwNDWDw7PmBIKrvBOIMzlxWKXcTnKa4IZc4Zml9AI72saaGZTBz7S2YIg9po80mu8k-VpfwnbzoF0YEXb6KRGb95wEF5D177oVJmYdmXIO0Hw&sig=Cg0ArKJSzOJZrJles8KrEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&vt=11&dtpt=267&dett=2&cstd=0&cisv=r20231109.38049&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E4A8 38 KB
13 KB 207ms
207ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 366451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A0C2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b903f832b2054164689752163d413cda0f587dec913bf3af7b79310e75c6c5bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0F05 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b624443a8c0313b2262f10b462a238da1f113576f583d32a51086d7b6c1a0e78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 21FF 39 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 14:51:09 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E4A8 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 14:51:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E474 14 KB
1 KB 34ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 20:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 19:11:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Nov 2023 20:32:17 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E474 2 KB
822 B 164ms
164ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame E474 23 KB
9 KB 160ms
158ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E474 3 KB
1 KB 161ms
159ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 18:49:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 18:49:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E474 20 KB
8 KB 223ms
221ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 09:24:48 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E474 202 KB
64 KB 205ms
203ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 20:32:17 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame E474 37 KB
15 KB 23ms
21ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 07:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 07:21:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 21FF 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiQXqTsJbZbrNNOrK1fAP4c2xuAoAAAAAOAHgBAI&bg=!hIelh8jNAAZxrfrxUa07ADQBe5WfOCRzCDxVFkbjWrKhTIiXy5R9lE3dFaGuc1d1TXdnMkDDBL6PFugkpyroVuvsTT3MAgAAAE1SAAAAA2gBBwoACBGbZ31TOy6cmQLXb79ZTB8lxHLOo9nF4UXDqkUnjlYp8dNKsLD2k9OfgAHfG37G34RiyT_2YW5JfcmqMsqmvNX4FEIeLAepGQXIUxqYVKgm08hHz3L-voMG0eSLcOhACiVJLUWMiwYeUj2zhg5ALvcgrM997uw1t5Ip_-57RMZzasTNoRVxthp-egTKn9B7vH-gNnJgjW-osHs9oV9xRhul37h5ehbwz1BR0nw_efmCHhQx4GRWpNYUwZO4Jic0KAZZb6K8pmyVo45_JmLq14_y0d3uvWuxDWC2LwXB0nZM6Muwb4cnNgmOK_N6K5DSyYk5UdRLkHZM_wlJzbYos24J-7XtsrHSgLw3YMEti4Y7cXyaRY9SDlDS-4JCtUeRbYP0ir5BZ1aN9-gBwHQAbi0gatqRK1GrACvBZS_KNU75K-f-FWMscG5OPnSy_gw9QtAkC5Nz8NckXAD8QcXUuerfPkZRoZva2bAa7MkKJn8AAyIWIYjj4IZ1UT3hjO4706afDu_yBlBUPh61tFHdmUW-rpiO3V0fTH_LmDzkUpHedmLSj9hiC3WscAYUsp1O39IWsT-0T4wSvreyWdkIYt5ZrpszZQIncOIxYFzFaPTe54_fQrGLCfUKKLBsSzXxgt5KaWrHKZfyC8nM8D8At-ceZYpjfo0nUYVS-XBzGcBLY-ypiTWxelw5vhf5rJytAa7NrCYRmTvxUVjflEw_7Bc42oB1roaSDhPmBqQEsS6z377XmGDtD8JiwASH2Vm5N1CQPI5nNva6OBr5man0e_5hNf5DWKLUAk5K8qwiuJOwZcyogW9W1YXH7LIwoRSLGYrzqrYIsN__u-KHprECW50VIjVNFr4UeulbKlDClNEJ3fdOh3JVV65a5LkfnAoISU1DddHna9LwEVrbeFr6UdpCywIDjjRvCbSkfw-DLe-k8Z65idPjEFM4KBTSSALhAVm8EJ7Zrhc_6i-_JJIDCrB_ig

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4A8 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqQqYTsJbZa7gNIKb1fAPj6qxoA4AAAAAOAHgBAI&bg=!8_Cl8L_NAAZxrfrxUa07ADQBe5WfONlaJfUCc_6uRhxvaBzOaCHWJnGGhfEMX3lYsjt-9O-0uGXJgHt_TbcRsLbruHq6AgAAAFFSAAAAAmgBBwoAgb7KZgdShC58Tjm0Zal_B5Dmx9KpZfWi-McK_hxZzRsopWjzAvUNu4cEFwj-gEzPWfPbXWlhOnproSswIFsjgBt0x0ulNsPTT9LkQkrVUwF7VyDVp2_T-Qar2tbO0R04aewLafdoGepJweRokmYl9G_FRXduG6IY4ruMU58DbNwPQpkC4N9sk05n1c4h0JG17A36ktbQiVuZcDtjcrUDHkF2zO2VCq2MkaZ_mf85miwM6zC63h-m_ranZyYURUPCiGO9OTaKed85j4z10vBijcX3CZXbkGdv1VHOQIluHnT2f71uoJtilm_fBK-jFD4haElQbGbiXg85FEjjHzqqF2sBFrLrPlYlLoXF2JAtc9lVU19F1DPAGNjjWXaJ5lSz-RSXYG_jUoQZUspjwi-6lJuZrm-pktujmmTeGOOG30A5Y0Glq4ZnphWj7ShIZhtYc-o53ext_z1VZN77fB6P3YToE2sWgM1Z94oVNMXSjfq-oFu7IFI-OjX5eMGabulKdlst7T1s3eps8DQpRfT0P4mW1bZ8UbONPHwcDRQEo3DNmeL95_roGvTpqkKqPAEvUWWyh692NJ2HjVxIlRs7x3asxIQ7fgrFywHXNA7974O-asWC68eXH6aKS4P1meExnPEmgU3yPtVjtXMlFXwwk2SN0R_VDgk25JsUHW1Q_eRYUG-ic8XJE_YixBHDW1QhRAPepGFOGrL1R7xi1ZTb1BZjEYrYGL5cCk4FxydE3SOgMWgFe6ElyYRVVsSot35z9iQyKH0vmZkl8CnwaQBINnMIJAViwYXvm7m8RiiNsLfA0M6B_7-Gvr8pUtNboVM7bhTzGPy9fE_MyUOfZaPzu6SBxILnd5YgJkrp0X7vY8ccp5rVs3PM3tPc7LQRqBPsD_mTH7wGPsCoFiZiAipQgyEAKkD4ujn-3mSeYHbETLStmQj-FKsIOZjNKBYEp04RGH3leIV5lpW9QlTa5HyU29cAeTgg2p2U2N-6kk3OzrNJiSc8exRgynHqJb0etEeQUBYhHKvSj6WqR09vz61z5QfDt6pwV4ZMz2evuHUdIRO8VirIJ1Kie8QUEihjuSrekyCn_gx33wtcRqmgCXsbQ5KttTi1reBGLQNFraBQ1_EoEt9fQsIPedxreBMNUrz6LClLq3o

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 73ms
72ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2fc3fe125afa1fa4d8ed8c6945a5f479d4e76fd20a019611760b88a85b0d954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12047
x-xss-protection: 0

GET
H3 200 Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3519 38 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js

Requested by

Host: freeinvaders.org
URL: https://freeinvaders.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14900
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 17:34:51 GMT

GET
H2 200 space-invaders.swf Show response
freeinvaders.org/ 17 KB
18 KB 53ms
52ms Fetch
application/x-shockwave-flash 62.212.95.32
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://freeinvaders.org/space-invaders.swf
Requested by: Host: turbo.freevideogames.org
URL: https://turbo.freevideogames.org/includes/js/flash-emulator/core.ruffle.5e850f90e6e2fab0bb54.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 62.212.95.32 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: host.eugamesvps.com
Software: nginx /
Resource Hash: 1e1b355077a5c47650a4155d9c2e6f27cba6eec6c0da6f968ab6d1f73a246c6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:18 GMT
last-modified: Thu, 23 Mar 2023 00:33:50 GMT
server: nginx
etag: "641b9e6e-45b9"
content-type: application/x-shockwave-flash
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 17849

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A0C2 42 B
64 B 62ms
61ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_rpFt0jFcXDM4t15s-eqYSQerOYdw7tL3XB_uQvyPrr8fV8WdpG1tpvWmqSEfjHw15RPR2XLmQLgoiGAr5vUv1di0CP84bQeQl_8pOdHTTK8us6dRyL_Aw4rkcnFLkj8Uw4OPaLtGQclL&sai=AMfl-YQGC3gIeR7_G-3mS1GTfD1urwy0jpum5uqmMX_i73JaBgZ_92Vq153_Fikh_snALkPOHX6sNEwX0ck79Dl6-oAiQGePE6sysIN4UImYJz-CpXgXUowuuEBLk-yDVfP_eJhygzgwmnAPEyk8wuz1Cw&sig=Cg0ArKJSzHZx0UNgWGhaEAE&cid=CAQSTwDICaaNYdysL0AJCH17m3eXQoMMWlRsVcpUG60o-dBXnVCk9EJRoeWqCyEMIh3Xi3lGQxvceKD_0mphqdiOLR0adXb62ArjudKGR1muVHIYAQ&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2244860935&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700512334819&rpt=2342&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 233ms
232ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://freeinvaders.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Nov 2023 20:32:18 GMT

GET
DATA 200
OK truncated
/ 521 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc9aa9da44fbbf17e1bdb8c2ed1944c5aed0dfe922e8128145cdd97fe416c794

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F05 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstst36Jw2O_JjoCOw0E1sC1iiVyf_rtbGtow47lQAM1b72ODDKgT2VP-Hhs4aKGOm4ConmO8ybTGIEs3mNYho2ZfjnJI7ZVnEjyGmWtvyG-iQv0RKH4IsIS_w4M-Rgdle4_i0CbslQzshwg&sai=AMfl-YQWWk-jiyTkWCDtgzzYs7zqgeaMlHYWVU2Hp6LI1fyw_3kIoAsIX0IVfhqMaLVHFhMaGERRVcFFeU2lcKzVtwBca5SwJzCGY29QBNl65k-S7MQAxesp2mCemd1hBC2WEkrPLcFFCNgc2l5f5syb&sig=Cg0ArKJSzNXr1XO7cgABEAE&cid=CAQSTgDICaaNGVNo_anbdXND87hI_IypgMJuHVWNTESf2ulr-WnR-4Ukc1gMiadnrj45mZxeNixOZO3wtoh4ttcRDsVU10gTRIexO7v1FqgsZRgB&id=lidar2&mcvt=1062&p=0,0,600,300&mtos=1062,1062,1062,1062,1062&tos=1062,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3795804311&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700512334830&rpt=2599&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 20:32:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0534 13 KB
5 KB 42ms
41ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 6179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 18:49:19 GMT
expires: Tue, 19 Nov 2024 18:49:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0156 829 B
1 KB 565ms
69ms Document
text/html 2a00:1450:4001:801::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

c9d43500bfd6c2dc07b9fbabae4979d8f07eb3de97b0ef6facf72b2931987baa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HdQCfH6VnsyIhY70D5aJcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://freeinvaders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HdQCfH6VnsyIhY70D5aJcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 20:32:19 GMT
expires: Mon, 20 Nov 2023 20:32:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ruffle.js Show response
turbo.freevideogames.org/includes/js/flash-emulator/ Frame 0156 66 KB
19 KB 27ms
27ms Script
application/javascript 143.204.215.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Requested by: Host: turbo.freevideogames.org
URL: https://turbo.freevideogames.org/includes/js/flash-emulator/ruffle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-105.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:11:18 GMT
content-encoding: br
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified: Sat, 04 Feb 2023 21:30:18 GMT
server: nginx
x-amz-cf-pop: FRA53-C1
age: 40889
etag: W/"63dece6a-10829"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: L-SVn74a7PTtnjxYt-L9rialUplsn3u1pETU-o9Jv3Uu6M0ygZdJOA==

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0534 39 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:51:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 14:51:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0156 0
0 65ms
64ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1751689554796356&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0534 0
0 34ms
31ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EnpE4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:32:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quantserve.com/	1970-01-21 01:52:06	Name: mc Value: 655bc24e-e1c92-7813f-5be3f
.freeinvaders.org/	1970-01-21 01:46:21	Name: __qca Value: P0-1535856597-1700512334775
.doubleclick.net/	1970-01-21 01:43:28	Name: IDE Value: AHWqTUlqAnab1MWC0gQTVcdWMgW7Sjk_dGjdUUVxMAL3Rl_DJpnMuM4NlN6XrMJe
.adnxs.com/	1970-01-20 18:31:28	Name: uuid2 Value: 831891363679055023
.casalemedia.com/	1970-01-21 01:07:28	Name: CMID Value: ZVvCUK7kgzlAQie3NGtuJAAA
.casalemedia.com/	1970-01-20 18:31:28	Name: CMPS Value: 5235
.casalemedia.com/	1970-01-20 18:31:28	Name: CMPRO Value: 5235
.adnxs.com/	1970-01-20 18:31:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU]tE6Ml!@wnfH8K6pQK`!5=E<L5?%K55de`oXMdZ<.A)-W5f/bo69bow??fifvh1KJ%nugO%v4VB%nnC90di!
.freeinvaders.org/	1970-01-21 01:43:28	Name: __gads Value: ID=f17ca2d6c350763e:T=1700512334:RT=1700512334:S=ALNI_MZAf1PecUphm8Fc1SOY8vzQoz1BHw
.freeinvaders.org/	1970-01-21 01:43:28	Name: __gpi Value: UID=00000cdf89c0216e:T=1700512334:RT=1700512334:S=ALNI_MYXoijF8LtlcqNiOqvGAcCWE6KQOw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://turbo.freevideogames.org/includes/js/flash-emulator/core.ruffle.5e850f90e6e2fab0bb54.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://turbo.freevideogames.org/includes/js/flash-emulator/core.ruffle.5e850f90e6e2fab0bb54.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
freeinvaders.org
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
plausible.io
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
tag.researchnow.com
tpc.googlesyndication.com
turbo.freevideogames.org
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
142.250.186.38
143.204.215.105
169.150.247.37
172.217.18.3
172.64.151.101
18.66.147.91
2400:52e0:1e00::1082:1
2600:9000:223c:c00:6:44e3:f8c0:93a1
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2006
37.252.171.149
62.212.95.32
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0825718379f6291527eecb7e537b77731565ef22a7d765ccab6b5f3b84f1aefe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d02fa8af36993e180e467f2170738c4f6f4daae8d3aa6b793db0e80fb71c24b
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a9cb7e4e6b3622fb41a158d4b05d21744c8ddf3cb63e34ba53d352879867530
1c3cffef6d2de3a2a6563cd1507dda400a80ac4e12559f7d8d9ac3efd454ddb9
1e1b355077a5c47650a4155d9c2e6f27cba6eec6c0da6f968ab6d1f73a246c6a
1fb8b060d7990d2753821dec588ee908183914bf5ea3a5d75f79bc0f4273f28e
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
379d8ccba85a4bcb915732fc38f0ebad3dffee33bd491ca3ccd596e2b409fa96
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b862d058ccd28c2d10b6696f6bceb8682ddace5d9f129681bc3e355fb4c77db
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ebd2847b4a8130f4955fbbcb921a9b97981dc6f574bf2d64e6626f5061f3e39
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b026f050c06b692a8ace1022d5fcba16e334909ee8505479463e6845e63dfd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
649c094eb6461a9878a8b3829feab05b79ed377cb1b013d78821f73137bb1032
666b884f4fb206c53ff09d031aa01ceaa7f93aa9771829f805a52141c7231946
6e437f29404be18f3b897841069656b93d962cb0f8834a2127a0d7d6c34e8801
70aaea7036c0d39c74857c634efddb40a053986fb164448d1408ace800e5db56
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7e7aef2060d698f0a2901b57ab78d2cd6c40d14c43c27a74944b564a10e7b915
826a7756a221800c8fd01a0020f6d30fa55094508824e5ae2655607da9ac11c8
8bf29153d5726d30829d9015e2809584d27357271d06eec6d7d6f50b30b1630a
8f11d0c3495824f12218ddabf0f7465d2b8a71a30acdae8194d57b349a314025
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9edb8a16c38ee2bbd3dbdbdfef2db96af6ea95fba3669c5ca6e5740ef0efdaf2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2e0a32677080d6ca33ca1507c1a778c6bf10603789dd38c7c6ff3e411c1ed65
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b624443a8c0313b2262f10b462a238da1f113576f583d32a51086d7b6c1a0e78
b8a8fc20889cb16f01ba57c6f6e95b21dd73823ca2a6b960541cd9ca414d4481
b8eb8a4b05307e44f4c0dd10e2f2d380dcd36ebf59dbe9e320ae3a9a67b6d0f8
b903f832b2054164689752163d413cda0f587dec913bf3af7b79310e75c6c5bb
b9fcd8385754d1e77f9056225393eeff588c13ebb1d029512be01ab2691f79db
bb1b26d0f69989cd4e4be36debf168dbba3235fe46d2bbac58530cd2f46f676c
c2fc3fe125afa1fa4d8ed8c6945a5f479d4e76fd20a019611760b88a85b0d954
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c9d43500bfd6c2dc07b9fbabae4979d8f07eb3de97b0ef6facf72b2931987baa
cb3e4e7620280612e296993311f7ca65618a6a05ad9e28c56192cfc3d5e0e18e
cc9aa9da44fbbf17e1bdb8c2ed1944c5aed0dfe922e8128145cdd97fe416c794
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c7f71548bd918ef86f55f44cc4f6c5a8aa67e26934f525c41975b8391194a2
e6736490fb123228d794753afcb29a63ceeb824a40c11218f1465ef08b897e39
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7bed3cfc538630a135869b12023a6f52035ce9cabc53e7c11c4f5214db4c24b
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328

freeinvaders.org Open in urlscan Pro 62.212.95.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

92 %HTTPS

55 %IPv6

15 Domains

20 Subdomains

21 IPs

3 Countries

2315 kBTransfer

6941 kBSize

10 Cookies

21 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freeinvaders.org Open in urlscan Pro
62.212.95.32 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

92 %
HTTPS

55 %
IPv6

15
Domains

20
Subdomains

21
IPs

3
Countries

2315 kB
Transfer

6941 kB
Size

10
Cookies

102 HTTP transactions
3 data transactions