urlscan.io logo urlscan.io
SecurityTrails logo

guess-the-lol.com Open in urlscan Pro
2606:4700:3036::ac43:97db  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://guess-the-lol.com/
Effective URL: https://guess-the-lol.com/
Submission: On December 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3036::ac43:97db, located in United States and belongs to CLOUDFLARENET, US. The main domain is guess-the-lol.com.
TLS certificate: Issued by E1 on October 19th 2023. Valid for: 3 months.
This is the only time guess-the-lol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:3034::6815:112 (United States)

ASN13335 (CLOUDFLARENET, US)
guess-the-lol.com
16    2606:4700:3036::ac43:97db (United States)

ASN13335 (CLOUDFLARENET, US)
guess-the-lol.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
10    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    54.194.25.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-25-213.eu-west-1.compute.amazonaws.com
vitals.vercel-insights.com
8    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
454 KB
17 guess-the-lol.com
guess-the-lol.com
442 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
56 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
58 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 vercel-insights.com
vitals.vercel-insights.com — Cisco Umbrella Rank: 10240
331 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
64 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
85 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
58 12
Domain Requested by
17 guess-the-lol.com 1 redirects guess-the-lol.com
static.cloudflareinsights.com
10 pagead2.googlesyndication.com guess-the-lol.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
8 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
2 www.googleadservices.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 region1.analytics.google.com www.googletagmanager.com
2 vitals.vercel-insights.com guess-the-lol.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com guess-the-lol.com
1 static.cloudflareinsights.com guess-the-lol.com
58 16

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
guess-the-lol.com
E1		 2023-10-19 -
2024-01-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
vercel-insights.com
Amazon RSA 2048 M03		 2023-08-23 -
2024-09-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://guess-the-lol.com/
Frame ID: 92B3E292BE489B8E77B5911B812D33C2
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 1301E9B0EACCB4BA533AC5EDE9C22831
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6852861924771081&output=html&adk=1812271804&adf=3025194257&lmt=1701735965&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fguess-the-lol.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735965405&bpp=4&bdt=302&idt=272&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8399292638739&frm=20&pv=2&ga_vid=438226957.1701735966&ga_sid=1701735966&ga_hid=2121998892&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079865%2C44798934%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=2255436732255209&tmod=485430283&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=294
Frame ID: 87EF60A538B263A870607A93E69D53B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39C6CF8B8E068E8943180261EFC8EBC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D95EA981CB1E5D8EDB00F0C02183C22C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 014577D2F0170403CC77B008411C730B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D3F18BCC998E93CFCB88D5DAAA918D78
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5296D0CC7157843D249E121724946D66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Guess the LoL - League of Legends Guessing Game

Page URL History Show full URLs

  1. http://guess-the-lol.com/ HTTP 301
    https://guess-the-lol.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

58
Requests

95 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

16
IPs

4
Countries

1168 kB
Transfer

3084 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://guess-the-lol.com/ HTTP 301
    https://guess-the-lol.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 54
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cx5foHW5uZceQLta89u8P3LCCOL3c9aN0zIeKldsR2dkeEAEg046rHmCVgoCAlAegAYW1ovsDyAEBqQIktNLdRC2yPqgDAcgDywSqBMoBT9DGdSEGBR2rA0VUEFmUtBOkvHHPd61E1beKpRRoYiobvvOx0PgChVU6CZATdlA6fd_ZZQQpAT41ZHngJrp5u5maWArGn1uez6Xpn-GEbYQy5QUgK0C2b5IY9qOQMvA-x5yF_nsHZicdevM2U_9dudI74H3XZLfVJ_-gVq-w7OoFPv-3q2ejQxy1Otp3CpgaLPwuLXInoQ-V1nFq4j8ciwDabM1au-7SRrlysljvrGhT0ygWrgX0-MgFPTEm8V1YS7OSjUEGl4eFPMAE9aiKo8QEiAWGxMy0TZIFBAgEGAGSBQQIBRgEgAfjyt0EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQlNAr0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljQ-fW9hPeCA5oJKWh0dHBzOi8vd3d3LmpvYm1peGVyLmRlL2RlL2pvYnMvd3R3ZXZhcDAxgAoByAsBogwcKhoKGOS0sQLutbECtbixAqy6sQLktLEC7rWxAtgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi02ODUyODYxOTI0NzcxMDgxGAA&sigh=Mf3Ez7dfTlQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNzlP--JvvIiB87C7FpdZzboYMpc0Ak3a1jGBMvumsQvaFZmdZoWctyFOiqdRJv8Y-7fpsXUcqmmXtlENh4XGPjq8qTAXDL_UmIBgB&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216513568036539960949%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmixer.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063819909%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227100100793344577617%22}&andc=true

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
guess-the-lol.com/
Redirect Chain
  • http://guess-the-lol.com/
  • https://guess-the-lol.com/
76 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbf970418097b22c5dda0838208719df1cf2c99bcdb6bd9a064ddf779149fbc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
647566
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
830827d57df40c15-AMS
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 05 Dec 2023 00:26:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2BKVmDJR7a0oSzBqvwTQXSf%2FwtVhlB3pEmjbyvV1To9sm%2B14ntTKcr3NgPQqHlYdQ48ob69FGMw4Yy%2FU%2FNfLFcywR7Pyv%2FTn86%2BnUVg0WVcNaU3qyRSOUX2OI6ndsny%2BV0UQWiMwwsxrS8xAHR4Icw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000
x-matched-path
/en
x-vercel-cache
HIT
x-vercel-id
fra1::fxtxj-1701735965069-91d601012177

Redirect headers

CF-RAY
830827d489f62299-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 05 Dec 2023 00:26:04 GMT
Expires
Tue, 05 Dec 2023 01:26:04 GMT
Location
https://guess-the-lol.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFEKEYfXFdpwQK8YLjpuPOQw3KtPdLwaefW9cdWMDeB0yEkNtPzUkZL%2FICw7qDkb%2Fd5qAKkQgp1Ollp6%2Bkt%2BwKtVNK4QI8DpUggPm5BO7sKXLQnXY%2BaLq2BGOJCnR2cy%2BlzXz9OGNCn7Yfxb8g5Fvw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
image
guess-the-lol.com/_next/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guess-the-lol.com/_next/image?url=%2Fassets%2Fartworks%2Fhome-cover.webp&w=1920&q=75
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22339b67a33e531e410b992d8e67c39042550487e6b40d962582f1079448590
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
912890
content-disposition
inline; filename="home-cover.webp"
alt-svc
h3=":443"; ma=86400
content-length
82948
last-modified
Fri, 24 Nov 2023 10:51:14 GMT
x-vercel-id
fra1::5bjv6-1701735965142-3dcaea570a50
server
cloudflare
x-matched-path
/assets/artworks/home-cover.webp
x-vercel-cache
HIT
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOmCEwAJik7ahvxihKwUm%2BZoWjejOZ8vr5MoS9667oXCL3WjZ4ojeMUHlxNonzgQ0BTKEs01UfS5eVCmNPZ5a1EuD%2BrnyhSsDFaoH%2F6kSa20ZWYrLjrug1pUr1OpcSDGdtOUofR7Uu%2BqesHLOuq4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
830827d61e1d0c15-AMS
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
rocket-loader.min.js
guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 16:06:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65660ffd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAsqT7nKJcXLDTjiLHtnLd4If%2BhR%2FVveuVX2ec%2FbffxxPEqDTR5LqOggtp2a5OiSlbWAdS4PyBC8yBegxnUF833QIn%2BGCi%2Bv0yqnSdyNgVe2df8So9%2BL1Js3kqZoh2hozIL7XifJChdHM1pS%2FzNsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
830827d63e290c15-AMS
expires
Thu, 07 Dec 2023 00:26:05 GMT
Beaufort-Heavy.woff2
guess-the-lol.com/assets/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/assets/fonts/Beaufort-Heavy.woff2
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7178ce65d75937dda3cecf90ca9db8aab880d65c9657ecae9f6352341322421
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://guess-the-lol.com/
Origin
https://guess-the-lol.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="Beaufort-Heavy.woff2"
alt-svc
h3=":443"; ma=86400
content-length
14028
x-vercel-id
fra1::kntgq-1701735965192-18cfa7a79b0e
server
cloudflare
x-matched-path
/assets/fonts/Beaufort-Heavy.woff2
etag
"5e8d6bd1627b12da725fd1159f2833a3"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8HOmA8T%2BI12K75K8KwsHLxnZssUtimYUV0KieMO57ZjvpEzVtUkyLZTSuPamxab5i7v6pmL48csLULKyP%2B8m2cTimYoZwVX6yiLFWGJtwpjLxEdv5hYW2ZXxmw1wDcIywyj%2Fe9gv306GF0avvlthg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
830827d63e2a0c15-AMS
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://guess-the-lol.com/
Origin
https://guess-the-lol.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
830827d6e82165c4-FRA
_ssgManifest.js
guess-the-lol.com/_next/static/qPMi36UZp08KPl28a_XLC/ 		0
0
_buildManifest.js
guess-the-lol.com/_next/static/qPMi36UZp08KPl28a_XLC/ 		657 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/qPMi36UZp08KPl28a_XLC/_buildManifest.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64654d3b23e3687d084a41682ea995ca80438cc54633ac598061e2b00c2d2938
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="_buildManifest.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::plm7f-1701735965241-9e395da990f8
server
cloudflare
x-matched-path
/_next/static/qPMi36UZp08KPl28a_XLC/_buildManifest.js
etag
W/"c11be2d101c390c4ca4457bb4aeaf8b3"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQAwGcf3u817lQbW05U1XavL%2F4ghpRr85J1kFMsQ5wDkiQWIxGltkMlA1Ppnpjqp8seAUEmYwOsAbfFC4Dlnr9LKNGubJ89h%2Fw8%2B9s5kPnFzsWCkI0eFH19l6RJ3pEUTrzz1CffOk3zQ3pxGIepDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d68e3d0c15-AMS
index-d5c9ec1e10a9c39e.js
guess-the-lol.com/_next/static/chunks/pages/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/chunks/pages/index-d5c9ec1e10a9c39e.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe609f710881dcff76e07dc9e48dc07fc0d82d4b900b9cbfb5fbbd0f2db841dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="index-d5c9ec1e10a9c39e.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::bqdx8-1701735965240-8be40c7e4a75
server
cloudflare
x-matched-path
/_next/static/chunks/pages/index-d5c9ec1e10a9c39e.js
etag
W/"88d0d28c1dcd85706f27011aedc83082"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZc%2B2REAVPcgZH9XgQbkCYNZWdK%2B6MoH5d3oCJ0QUXsimyA6%2Bf%2Bhh%2FknwInj1j%2BVV27BW0ChxmaJbsHPTZ4xHV0cgdcOfPrX4uLQiHjfFLZT7CGgiRrCAH5f2%2BPGrAZ0gQkklOGspXH79qY6jsk7Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d68e3e0c15-AMS
675-1a7be36f87fc5181.js
guess-the-lol.com/_next/static/chunks/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/chunks/675-1a7be36f87fc5181.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c5b86e3693007ffdf1b8ef7422bbe0cb4e936233e2a5ed4f90b34957f275a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="675-1a7be36f87fc5181.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::7vrm6-1701735965240-6ebaa3f94aa2
server
cloudflare
x-matched-path
/_next/static/chunks/675-1a7be36f87fc5181.js
etag
W/"598899758e4b78968c7d8e92ec5841b9"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oyOsBgtb90tZm%2FlzTi6yEtbcoUH%2FbyQppM3pTLIWSz0EyHk4jBxiveKtvtz0ZSX1Z2AnXoEtXYsKxMujUTYgRtBtgH0GL%2BX083Bqdg1DALgzzEX4Adzo2Gb9OSI6kppUE1Qzm%2BKfaevo%2F7r2Bhputg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d68e3f0c15-AMS
_app-ef0e14e354be5507.js
guess-the-lol.com/_next/static/chunks/pages/ 		0
0
main-8929f0e94599f57d.js
guess-the-lol.com/_next/static/chunks/ 		106 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/chunks/main-8929f0e94599f57d.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74808f0f9e4a606909c8b74805ed6be193598a29845ebeab20ec6485f779c6c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="main-8929f0e94599f57d.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::7vrm6-1701735965240-a0e6d5b76838
server
cloudflare
x-matched-path
/_next/static/chunks/main-8929f0e94599f57d.js
etag
W/"07e65287bbd251d88db249ac2cd520f4"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1b9bLf4SKtizn6oWAhv%2BC0L7Vn8%2FCK7FRRJqDyi3Vl3kdS06hoo0%2BxYrX98xxtihBB2n2SrIHRJx2%2BvN0LtSdqb%2F6X%2BlrBATie4TcNtNLDrn86ROBI6ko9KB%2BdxdUm98weA4BoB4LmHe6VuLIGyuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d68e410c15-AMS
framework-9b5d6ec4444c80fa.js
guess-the-lol.com/_next/static/chunks/ 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/chunks/framework-9b5d6ec4444c80fa.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="framework-9b5d6ec4444c80fa.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::vdtl2-1701735965238-528940c263fa
server
cloudflare
x-matched-path
/_next/static/chunks/framework-9b5d6ec4444c80fa.js
etag
W/"4f45f9a036208ef5b00302eaa0de99d4"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeUSoK4k%2FYAei6%2BYo6K2B0Yc%2FdpbPTvTu3nVgvcny9ARCa7EbRjWbHL0tE9R85ZnlFnIvcTZimxSWQgV6QmRUDX2XnoWKoHoAMfuFbvmDN6eGUgNofCOGo8vZu3OeoDJfKT1XtaVpNUzAWMzEv6nkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d68e420c15-AMS
webpack-f208784e4862ca8c.js
guess-the-lol.com/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/chunks/webpack-f208784e4862ca8c.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fafaf92d0fe4be09cbc24a7c3de87849cbe2309781463473ff4817e3cd321da0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="webpack-f208784e4862ca8c.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::rx926-1701735965238-ba3c8feef000
server
cloudflare
x-matched-path
/_next/static/chunks/webpack-f208784e4862ca8c.js
etag
W/"fa998c1775bf123b344863e2d7cd5951"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGbhbCJ70olcmQIwZ6cUOq9zyX25pX0onSpBxmtTh5gEtk6I2u3D78Ks4fpZPqqRFmnzyAdK5YeVHPTWWvdoieIfnOb3%2FZyJsYO4d8R4ugFrxYUyJasUnYd%2F1PyOO2zHgdFK2TS%2FGErGtV71JETRHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d68e430c15-AMS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6852861924771081
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c8edc5331ca808471372dc089fd24ffd28522bc7cd1f7f8e7029f0631872807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guess-the-lol.com/
Origin
https://guess-the-lol.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51766
x-xss-protection
0
server
cafe
etag
696121155182739566
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 00:26:05 GMT
_app-ef0e14e354be5507.js
guess-the-lol.com/_next/static/chunks/pages/ 		538 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/chunks/pages/_app-ef0e14e354be5507.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f239f64ba102b1d706be41713c586ad29b61671d580283ef8ff0434ce9aafc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642623
content-disposition
inline; filename="_app-ef0e14e354be5507.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::zbkqb-1701093342293-a5e208494043
server
cloudflare
x-matched-path
/_next/static/chunks/pages/_app-ef0e14e354be5507.js
etag
W/"96bcbd6cf7b42dc51f49ed7c278e9dd6"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPyGuCY5DjwQpaRCoQI2RiIFMzTlez%2FpoXNXlzBo6bRTyY78ChraS6iUZj44mpQ78rmY1Gg%2Ffe2IR5kNtLClHyxnbhJ5mi3WlwV4CDG7MElJEncIEO%2FhNx6Iw3nMw5TFCBRRi8KV2xNS1ARoNycPew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827d78ab73602-FRA
priority
u=3,i=?0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6852861924771081
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1293e81b86fd5a7798f487282be634803e4e8bafb1dd5daa85270fc9b1e07c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137574
x-xss-protection
0
server
cafe
etag
8434380688035930934
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 00:26:05 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 1301 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6852861924771081
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guess-the-lol.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
80525
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 02:04:00 GMT
etag
12051592065903069241
expires
Mon, 18 Dec 2023 02:04:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 87EF 		157 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6852861924771081&output=html&adk=1812271804&adf=3025194257&lmt=1701735965&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fguess-the-lol.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701735965405&bpp=4&bdt=302&idt=272&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8399292638739&frm=20&pv=2&ga_vid=438226957.1701735966&ga_sid=1701735966&ga_hid=2121998892&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079865%2C44798934%2C44807763%2C44808149%2C44808284%2C44809072&oid=2&pvsid=2255436732255209&tmod=485430283&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=294
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c6873e5e52204c3696df90463e7addf3315b5d4522002c3f33287c420caf84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guess-the-lol.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
47788
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 00:26:06 GMT
expires
Tue, 05 Dec 2023 00:26:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		245 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LX55K3JLRQ
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/_next/static/chunks/main-8929f0e94599f57d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2e462a749912099521793b5cb77fb170459c1dc586d045981386369428fa7e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86238
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Dec 2023 00:26:05 GMT
script.js
guess-the-lol.com/va/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/va/script.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/_next/static/chunks/pages/_app-ef0e14e354be5507.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6dda910a194774dd2cdde20e20b0519c9116e6712bdf02c05838fe5bc92d128
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
content-disposition
inline; filename="script.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1:fra1:fra1::fmrbx-1698952252072-a8c28c0c0a5d
server
cloudflare
etag
W/"a574ea47f86676c5c2fdc001cf40806e"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXGvVpTLq9GENxZImEaE2MIrOs4X4bs3ZEuSPXYB%2B6hwx6SO4tNP7FL%2Fmc3RD7LcbSSwxftts1A6V%2BshHzgunEL1DCsd%2Fd5kgqv7SC7A5HnQUc21tOIo%2B8gacQBtH8EHkBq%2BHSg9B6Dj1dV2BmCKHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
830827da6c963602-FRA
priority
u=3,i=?0
vitals
vitals.vercel-insights.com/v1/ 		2 B
165 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vitals.vercel-insights.com/v1/vitals
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/_next/static/chunks/main-8929f0e94599f57d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.25.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-25-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://guess-the-lol.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
x-ratelimit-reset
60
x-ratelimit-limit
1000
cross-origin-resource-policy
cross-origin
content-length
2
x-ratelimit-remaining
999
content-type
text/plain; charset=utf-8
_ssgManifest.js
guess-the-lol.com/_next/static/qPMi36UZp08KPl28a_XLC/ 		135 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/_next/static/qPMi36UZp08KPl28a_XLC/_ssgManifest.js
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ffd9d9bd87847d0c463a92af5ef70ed17c653ab49c697210851b5f5d0041ee0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
strict-transport-security
max-age=63072000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120577
content-disposition
inline; filename="_ssgManifest.js"
alt-svc
h3=":443"; ma=86400
x-vercel-id
fra1::s68fr-1701615388437-48debc5264c2
server
cloudflare
x-matched-path
/_next/static/qPMi36UZp08KPl28a_XLC/_ssgManifest.js
etag
W/"e5de111699ebf52cbf6296417ee6e4ae"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLsec2w05ji1n76foIDP0R7nJI6oeW7fmwyc4ZZN4cN0TriEv1vXTaArlYGUNaB2pl63LiwkC8L2NjvMArBK90FVA%2B8jGiW9qQeSCnktYN%2FVGZLY0Ox64XBspSheUMx%2F6L%2BavXEbfgaUADJl1GHKrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
cf-ray
830827da9cb23602-FRA
priority
u=3,i=?0
image
guess-the-lol.com/_next/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guess-the-lol.com/_next/image?url=%2Fassets%2Fartworks%2Fabilities-square.webp&w=1920&q=75
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f3193ccd1168d2638f675a56e441109f593f58a983de2b90f798c1ca687aeb7
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1215373
content-disposition
inline; filename="abilities-square.webp"
alt-svc
h3=":443"; ma=86400
content-length
63904
last-modified
Mon, 20 Nov 2023 22:49:52 GMT
x-vercel-id
fra1::qrhv7-1701735965889-c1cc2d4408fa
server
cloudflare
x-matched-path
/assets/artworks/abilities-square.webp
x-vercel-cache
HIT
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1ragRToVG8Xydcd2MwG8NYrDKNhQcKGH01j5rPZWbYP08LLzOuke7gA6dFwo%2BwQX%2F5RXHRVIU17q4eCGoxBJDwcdxcdeNFJvuFEa71UgBJe5QzDKx%2BKiqa8cjQGi6pACb7PDXHZ00eSPXkjvu8Rtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
830827daacd43602-FRA
priority
u=3,i
view
guess-the-lol.com/va/ 		2 B
607 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/va/view
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/va/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://guess-the-lol.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 05 Dec 2023 00:26:06 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2
x-vercel-id
fra1::hndsd-1701735965911-330db8d02729
server
cloudflare
x-ratelimit-remaining
999
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTDu6XIuUXxWTyon5ZtVkK1Q%2BSLW%2BZreTKR5gCOd6Kq5%2F0m0fFNxrWj4s%2FQg%2FeqZCPt9BOMx9LTys0V%2BRtUYfs4tIizXmmAgVQczA%2BjOUdmbSocPyPJqPoOVn7p31eP9v9LCTbgD2aBe8sfwor21Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
cache-control
public, max-age=0, must-revalidate
x-ratelimit-reset
60
x-ratelimit-limit
1000
cf-ray
830827dadcfa3602-FRA
priority
u=1,i
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
530e1f436f635790034f4bc4d7a20dfd87c3c263d1300114bc3614a819f3446e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12347
x-xss-protection
0
rum
guess-the-lol.com/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://guess-the-lol.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:97db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://guess-the-lol.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://guess-the-lol.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
830827dadd013602-FRA
vitals
vitals.vercel-insights.com/v1/ 		2 B
166 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vitals.vercel-insights.com/v1/vitals
Requested by
Host: guess-the-lol.com
URL: https://guess-the-lol.com/_next/static/chunks/main-8929f0e94599f57d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.25.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-25-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://guess-the-lol.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 05 Dec 2023 00:26:05 GMT
x-ratelimit-reset
60
x-ratelimit-limit
1000
cross-origin-resource-policy
cross-origin
content-length
2
x-ratelimit-remaining
999
content-type
text/plain; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Dec 2023 00:26:06 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LX55K3JLRQ&gtm=45je3bt0v892380023&_p=1701735965797&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=438226957.1701735966&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2F&sid=1701735966&sct=1&seg=0&dl=https%3A%2F%2Fguess-the-lol.com%2F&dt=Guess%20the%20LoL%20-%20League%20of%20Legends%20Guessing%20Game&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LX55K3JLRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 00:26:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://guess-the-lol.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LX55K3JLRQ&cid=438226957.1701735966&gtm=45je3bt0v892380023&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LX55K3JLRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 00:26:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://guess-the-lol.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LX55K3JLRQ&cid=438226957.1701735966&gtm=45je3bt0v892380023&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=881822709
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 00:26:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 39C6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guess-the-lol.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 22:00:29 GMT
expires
Tue, 03 Dec 2024 22:00:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D95E 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
108693150f8e7363f515893dd04d5a5377b6263fb49668f4cdf52b62a7611e82
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fXnfqNkKx4LmQ7BP6eZIWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://guess-the-lol.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-fXnfqNkKx4LmQ7BP6eZIWQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 00:26:06 GMT
expires
Tue, 05 Dec 2023 00:26:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 39C6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 21:09:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
11774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 21:09:52 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f56c992220809803659fac17b031df76868dc17731007bd737347e63a3b09fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55944
x-xss-protection
0
server
cafe
etag
11986719648617664176
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 00:26:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D95E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=2255436732255209&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 39C6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_sHXQw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 		398 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6852861924771081
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cfbc34baf938dcaedb18f51ea89fc6ce414ca73fc87fcfa74bab5c6ae19b11cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137568
x-xss-protection
0
server
cafe
etag
15569560436112474724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Dec 2023 00:26:06 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 0145 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6852861924771081&plah=guess-the-lol.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://guess-the-lol.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
4493
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 23:11:13 GMT
etag
12051592065903069241
expires
Mon, 18 Dec 2023 23:11:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b1fdc9f83bbec90a172a8086cc6d7abe.js
www.gstatic.com/mysidia/ Frame 0145 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4047
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:37:46 GMT
280465d6b51993ac6d052e033b440ef2.js
www.gstatic.com/mysidia/ Frame 0145 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/280465d6b51993ac6d052e033b440ef2.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3e4cdbb12defe352221c7446f538206d487f314187f7883e6f261d9246ab3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 00:39:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4756
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:39:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 28 Feb 2024 00:39:22 GMT
css
fonts.googleapis.com/ Frame 0145 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Dec 2023 00:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 23:53:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Dec 2023 00:26:06 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 0145 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
19500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 0145 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:59:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
19597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9313
x-xss-protection
0
server
cafe
etag
8709779397046830652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 18:59:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 0145 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
8739
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 22:00:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 0145 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:01:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
19470
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8549
x-xss-protection
0
server
cafe
etag
755982428571291914
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Dec 2023 19:01:36 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0145 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65147
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701694399686299"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 00:26:06 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame 0145 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 19:10:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 22:31:34 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/307931015633001042/ Frame 0145 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/307931015633001042/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
101c4befcc8b1647e087efc0f8f1028fba45fff0bb004defae89c30b8c3f2a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 03:23:56 GMT
x-content-type-options
nosniff
age
334930
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1602
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:45:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Nov 2024 03:23:56 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D3F1 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 23:31:33 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0145 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef27b43d69c1f162a74edd776d0a0241355bdb3b8a707b03b1b54dc16e0736a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0145 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:45:01 GMT
x-content-type-options
nosniff
age
6066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:45:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D3F1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 00:26:07 GMT
expires
Tue, 05 Dec 2023 00:26:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 00:26:07 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=2255436732255209&bg=!enmleTbNAAY3kmNgF5I7ADQBe5WfOHQ3hSisG2_-pbqAEHeE4OrdvhBVrHM2AoF4iIqh3xt1bp4IZYdpBsicP1goTGRgAgAAAJlSAAAABmgBB5kCwBZmc9rpbz6N3A6nXCAXYKQr9T7QnvPvBR5OdErPKM9ppJ3xj0Az3l2aEbNWy4r6TIfKO5eZhJZVYRtkinnzeuTy3ubQcdSPzy5BFWJ3lw-jVRUN0kpVF_VjgX-80_y58Hi-qdZQTuHdYzt6TQzv1zFrFvsSfn6y3dk29mtQTlCBxz-7mmELdrYp0Msq_p0jj6QSpC5fhFBhqwxtW0n6u4eA5orTxq6Ahv2TZNdMDOL0JSlfPPqPogMX5InR5tjkUOIAxP4fmjm0s6_ufwB0_Fqcd9ffxKQAKgwtZFM9s4hOzl0yCjWz5F_Pr8PZSUJDCZE_EKwQXXLqNmtVXUI7uzVnZflPfMvsxPlRTOua2FW3IGtlZc-b7OgKdEVrYhpWW1GHRoiBQER55smWk2CimHBx-J3RRGT7q1LIn4SA1nPhP4ovT-7mBJGo8KqZN6q2120YahFubAHWzDmxv5JoSeyA-I_-GbNWD4l9qvSib7ft3am7PfJpPbwtWXl3KATJ8X1nwgyyPjlCk4yubqoBsh_YUPr9fd13x6C_QQsnN5YccySf8iD6fOdZdw-cjE6q_zeh8S-85pebUqHmZF-XuW9R14Lesjgzawi5rYOtX6XsBcXuqQP324A1mXat8kBZyMnFlEisx89d-38AMfCCpXteElaVYc47FeqjvlqKikSEPu_Btgo1yTO9EeHRb7eGSwldpw-Six_7uqk8v0vcgT7bwoCP0YJstkCIdTml5uIDsk3PomC4KKju9iUGDurr5H70yjUVS1mal5zBHYpZRBV71U_L4pFHjv_PGAvt7rWFEjeKaf1OTND9VuJCxp6oE4pOCZ0I2OO73NSQaBXGZ_oIKd-hjrdyRdJCdo9lmZVXgx68h5AITv2bUJ2RGiC6IHu3h5cRA9peE1kZEUHTVmHd099gUUJE_nLDUKSeY7z2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://guess-the-lol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 0145
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cx5foHW5uZceQLta89u8P3LCCOL3c9aN0zIeKldsR2dkeEAEg046rHmCVgoCAlAegAYW1ovsDyAEBqQIktNLdRC2yPqgDAcgDywSqBMoBT9DGdSEGBR2rA0VUEFmUtBOkvHHPd61E1beKpRR...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216513568036539960949%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmixer.de%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216513568036539960949%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmixer.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063819909%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227100100793344577617%22}&andc=true
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 00:26:10 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"16513568036539960949","debug_reporting":true,"destination":"https://jobmixer.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063819909"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"7100100793344577617"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 05 Dec 2023 00:26:10 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 05 Dec 2023 00:26:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16513568036539960949","debug_reporting":true,"destination":"https://jobmixer.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1063819909"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"7100100793344577617"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 5296 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 13:35:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
39038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 13:35:31 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216513568036539960949%22,%22debug_reporting%22:true,%22destination%22:%22https://jobmixer.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221063819909%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227100100793344577617%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 05 Dec 2023 00:26:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0145 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveuB7e_GaZYnIVl8hr7cG_1XfxIwQwNRTDQ2eQc4ktajwPhjduePZLj6g-rkGurMoYh4JnIM991-VRWUyl9oQA-dIfqo_q_9IWUy4ewiQjY_-MBtuP3Cs_PAMXOx07eyit_59eLPJNn97A&sai=AMfl-YT4oHgJtaXX4-eaEqFtjGz0NueHBS1fTQPrqAOKvzbchgCd2A9tAtS-PCSwQRMj2AOdG8QYGRsKRLNya76WKAb4JHRpCgz7TPxt6ctY4Ofi21ltIUEoi1YXStEXSo91aGBkMQd9luU4hcn-QINSTaqAmzn8rGzTDWk&sig=Cg0ArKJSzK6Kr7uDA4vuEAE&cid=CAQSTgDICaaNzlP--JvvIiB87C7FpdZzboYMpc0Ak3a1jGBMvumsQvaFZmdZoWctyFOiqdRJv8Y-7fpsXUcqmmXtlENh4XGPjq8qTAXDL_UmIBgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701735966616&rpt=3148&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 00:26:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LX55K3JLRQ&gtm=45je3bt0v892380023&_p=1701735965797&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=438226957.1701735966&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dp=%2F&sid=1701735966&sct=1&seg=0&dl=https%3A%2F%2Fguess-the-lol.com%2F&dt=Guess%20the%20LoL%20-%20League%20of%20Legends%20Guessing%20Game&_s=2&tfd=6360
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LX55K3JLRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://guess-the-lol.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Dec 2023 00:26:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://guess-the-lol.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
guess-the-lol.com
URL
https://guess-the-lol.com/_next/static/qPMi36UZp08KPl28a_XLC/_ssgManifest.js
Domain
guess-the-lol.com
URL
https://guess-the-lol.com/_next/static/chunks/pages/_app-ef0e14e354be5507.js

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture object| __cfQR object| __cfBeacon boolean| __cfRLUnblockHandlers object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| __MIDDLEWARE_MANIFEST number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| gtag object| dataLayer function| va object| __BUILD_MANIFEST boolean| vai object| __SSG_MANIFEST object| GoogleGcLKhOms object| google_tag_manager function| onYouTubeIframeAPIReady object| google_llp object| google_sa_queue function| google_sa_impl object| googletag object| google_image_requests

7 Cookies

Domain/Path Name / Value
.guess-the-lol.com/ Name: _ga
Value: GA1.1.438226957.1701735966
.guess-the-lol.com/ Name: _ga_LX55K3JLRQ
Value: GS1.1.1701735966.1.0.1701735966.60.0.0
.guess-the-lol.com/ Name: __gads
Value: ID=56f0a5a387c47c85:T=1701735965:RT=1701735965:S=ALNI_MYyT6hUEQ9b2sjumj_y5nviV0Ps6Q
.guess-the-lol.com/ Name: __gpi
Value: UID=00000d0aeeaf0ff2:T=1701735965:RT=1701735965:S=ALNI_MaOJlo5PgP-wyx4bUfcrFgHnwX4Dw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkLpU_El5_WPSAyt-PDjxBH94spWjlsC52n-WIquWkBIHk91bI2On5qU0yiCx8
.googleadservices.com/ Name: ar_debug
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
guess-the-lol.com
pagead2.googlesyndication.com
region1.analytics.google.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vitals.vercel-insights.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
guess-the-lol.com
142.250.184.194
2001:4860:4802:34::36
2606:4700:3034::6815:112
2606:4700:3036::ac43:97db
2606:4700::6810:3965
2a00:1450:4001:802::2008
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:812::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
54.194.25.213
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
101c4befcc8b1647e087efc0f8f1028fba45fff0bb004defae89c30b8c3f2a8d
108693150f8e7363f515893dd04d5a5377b6263fb49668f4cdf52b62a7611e82
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2c6873e5e52204c3696df90463e7addf3315b5d4522002c3f33287c420caf84a
2c8edc5331ca808471372dc089fd24ffd28522bc7cd1f7f8e7029f0631872807
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4f3193ccd1168d2638f675a56e441109f593f58a983de2b90f798c1ca687aeb7
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
530e1f436f635790034f4bc4d7a20dfd87c3c263d1300114bc3614a819f3446e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ffd9d9bd87847d0c463a92af5ef70ed17c653ab49c697210851b5f5d0041ee0
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64654d3b23e3687d084a41682ea995ca80438cc54633ac598061e2b00c2d2938
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
74808f0f9e4a606909c8b74805ed6be193598a29845ebeab20ec6485f779c6c3
80c5b86e3693007ffdf1b8ef7422bbe0cb4e936233e2a5ed4f90b34957f275a3
88f239f64ba102b1d706be41713c586ad29b61671d580283ef8ff0434ce9aafc
8dbf970418097b22c5dda0838208719df1cf2c99bcdb6bd9a064ddf779149fbc
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b7178ce65d75937dda3cecf90ca9db8aab880d65c9657ecae9f6352341322421
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
c22339b67a33e531e410b992d8e67c39042550487e6b40d962582f1079448590
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfbc34baf938dcaedb18f51ea89fc6ce414ca73fc87fcfa74bab5c6ae19b11cb
d1293e81b86fd5a7798f487282be634803e4e8bafb1dd5daa85270fc9b1e07c3
d3e4cdbb12defe352221c7446f538206d487f314187f7883e6f261d9246ab3af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dda910a194774dd2cdde20e20b0519c9116e6712bdf02c05838fe5bc92d128
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef27b43d69c1f162a74edd776d0a0241355bdb3b8a707b03b1b54dc16e0736a1
f2e462a749912099521793b5cb77fb170459c1dc586d045981386369428fa7e5
f56c992220809803659fac17b031df76868dc17731007bd737347e63a3b09fc9
fafaf92d0fe4be09cbc24a7c3de87849cbe2309781463473ff4817e3cd321da0
fe609f710881dcff76e07dc9e48dc07fc0d82d4b900b9cbfb5fbbd0f2db841dc