www.ttt4.com Open in urlscan Pro
2606:4700:20::681a:fb3 Public Scan

URL:
https://www.ttt4.com/
Submission: On February 23 via api (February 23rd 2021, 2:43:13 pm UTC) from US

Summary HTTP 103 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 15 domains to perform 103 HTTP transactions. The main IP is 2606:4700:20::681a:fb3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ttt4.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 25th 2020. Valid for: a year.

This is the only time www.ttt4.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700:20:... 2606:4700:20::681a:fb3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	151.139.242.3 151.139.242.3	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	192.207.255.147 192.207.255.147	62821 (AS-MNX) (AS-MNX)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
103	20

44 2606:4700:20::681a:fb3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ttt4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ttt4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.3 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.207.255.147 (United States)

ASN62821 (AS-MNX, US)
PTR: haproxy2.ad4game.com

ads.ad4game.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	ttt4.com www.ttt4.com cdn.ttt4.com	452 KB
25	googlesyndication.com pagead2.googlesyndication.com e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com tpc.googlesyndication.com	275 KB
7	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	134 KB
5	ampproject.org cdn.ampproject.org	99 KB
4	google.com 2 redirects adservice.google.com www.google.com	1 KB
4	facebook.com www.facebook.com	137 KB
4	ad4game.com cdn.ad4game.com ads.ad4game.com	103 KB
3	googletagservices.com www.googletagservices.com	80 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	60 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	googleapis.com fonts.googleapis.com	740 B
1	google.de adservice.google.de	803 B
1	casalemedia.com htlb.casalemedia.com	369 B
1	googletagmanager.com www.googletagmanager.com	38 KB
103	15

	Domain	Requested by
41	cdn.ttt4.com	www.ttt4.com
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.ttt4.com e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	www.facebook.com	connect.facebook.net www.facebook.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.ttt4.com
3	www.google.com	2 redirects e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com www.ttt4.com
3	www.googletagservices.com	ads.ad4game.com securepubads.g.doubleclick.net e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
3	www.ttt4.com	www.ttt4.com
2	e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ads.ad4game.com	cdn.ad4game.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.ttt4.com connect.facebook.net
2	cdn.ad4game.com	www.ttt4.com cdn.ad4game.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	cdn.ad4game.com
1	www.googletagmanager.com	www.ttt4.com
103	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-25` - `2021-10-24`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.ad4game.com Go Daddy Secure Certificate Authority - G2	`2019-11-17` - `2022-01-16`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.ttt4.com/
Frame ID: CE11D3A58701086BD946E6FDEE44F018
Requests: 67 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
Frame ID: 2AD8E137B0AF46D25C94184213ABC63F
Requests: 4 HTTP requests in this frame

Frame: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 5A66B35FCE53C7EF6CC8843FE3518D32
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs
Frame ID: E4B710F06298F0A73BF8CD5ADC51F7C7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html
Frame ID: 1FF61D647E75C9E7F8F1B6AE922FA371
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 28E5EEC0FC27F607454BB2F10269CE6C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 8AFC0F31DEC9B1963E91CDDB08D40D15
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Page Statistics

103
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

21
Subdomains

20
IPs

2
Countries

1408 kB
Transfer

2997 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ttt4games/
Title: تابعونا على فيس بوك

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

103 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ttt4.com/ 28 KB
5 KB 85ms
60ms Document
text/html 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ttt4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.11

Resource Hash

189f1ba8660bd1bef48b94f8fb448042e2fc9250a7a9be4c89d2702e56a3d044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.ttt4.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d73d5e73b6f676380d3315bf0206fb8841614091372; expires=Thu, 25-Mar-21 14:42:52 GMT; path=/; domain=.ttt4.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/7.4.11
expires: Tue, 23 Feb 2021 15:25:29 GMT
pragma: public
cache-control: max-age=2557, public, must-revalidate
last-modified: Tue, 23 Feb 2021 14:25:29 GMT
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0870f0dfaa0000074676976000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KbDy6IekrDUg%2BZT8yVHzcV29b3OCNX4nB0I3kO%2BxArzFfgooHr1rfLL97UqCVSACWUwbeRdFKyMX%2FWQ3%2BFTyo%2F3oTciaS%2BXe4P1FJY6W141U77BVMjACtxU%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6261b745da0c0746-FRA
content-encoding: br

GET
H2 200 style-orginal.css
www.ttt4.com/ 13 KB
3 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ttt4.com/style-orginal.css?v=2.4
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff36a95569320af0b7f1c4b21ee5324cdabb55b85acf629ec7dfd5ba2972f3e

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 253185
cf-request-id: 0870f0dfee0000074686170000000001
last-modified: Sat, 20 Feb 2021 16:21:12 GMT
server: cloudflare
etag: W/"603136f8-3526"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KN0mTfWdaKFjisGMUWWOBt7isyvSd24JM4gqB48rUXZRPlDoLOQOKF6r8bzYESo%2BbMPLBqSJBtrgf%2BM0azRTUOMl%2FRCOdJS7nMdntAlgXgY06glSYEL4udk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6261b7464b0c0746-FRA
expires: Mon, 22 Mar 2021 16:23:07 GMT

GET
H2 200 js.js Show response
www.ttt4.com/js/ 19 KB
6 KB 20ms
17ms Script
application/javascript 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ttt4.com/js/js.js?v=2.8
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49b8e5171e1ecf3fc308900a6225713f0fe36d16a40e683faaad1c85f3c673fb

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334512
cf-request-id: 0870f0dff200000746581a1000000001
last-modified: Sun, 10 Jan 2021 08:58:05 GMT
server: cloudflare
etag: W/"5ffac19d-4bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uhJeFgR97AW22QVFVFhPJGV2xPxsNNbsOEYatO2v%2BpqpOJwA6f0Uy1bcWVIZWS83jM6%2FWi1prCnu84XpJEkYL%2FhrFGXqd2%2FPs1OlaMrlff2c8v4vBDgcq%2FI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 6261b7464b220746-FRA
expires: Sun, 21 Mar 2021 17:47:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-245504-3

Requested by

Host: www.ttt4.com
URL: https://www.ttt4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d794a7e3a152f335f88b572a5ff5dbf6b7560b7ba223c4ffe050ce8d58de4354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39234
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Feb 2021 14:42:52 GMT

GET
H2 200 logo-2.gif
cdn.ttt4.com/maher/images/ 11 KB
12 KB 22ms
17ms Image
image/gif 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/logo-2.gif
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9e374eeedee4a6e820c88ebf463c8df3d41e0713201b0c3a679b8be1e7d479

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334526
content-length: 11601
cf-request-id: 0870f0e01100000746663ab000000001
last-modified: Tue, 15 Apr 2014 11:27:15 GMT
server: cloudflare
etag: "534d1793-2d51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=90UH4OKdMz6jGhpXA94WUHXaPz7tBaIEi5%2Fmhhd9LgoOnLcDPXHZV1%2BL4PY6ecNDTwECeOHyYpPreXLFJcbBJC2%2FyGS1ldVCbajgtCxFUE%2B2NNk7TPJkP7k%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b7467b830746-FRA
expires: Sun, 21 Mar 2021 17:47:26 GMT

GET
H2 200 clear.gif
cdn.ttt4.com/maher/images/ 43 B
483 B 21ms
16ms Image
image/gif 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/clear.gif
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334526
content-length: 43
cf-request-id: 0870f0e011000007467f36c000000001
last-modified: Thu, 28 Apr 2011 04:30:25 GMT
server: cloudflare
etag: "4db8ed61-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p6ZArkcnfL8tWtwfcyX3qlO3JRqn7eVzxPaXdHakwZDe%2FIMxucd%2BkKyrG177gE7LS4B3fUeSH8M0PVNl1mkZRYKjcWQ9JjXZ6uqiVUfVs3R9LRm5kVu%2FIp8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b7467b800746-FRA
expires: Sun, 21 Mar 2021 17:47:26 GMT

GET
H2 200 lazyload.js Show response
cdn.ttt4.com/maher/js/ 5 KB
2 KB 25ms
15ms Script
application/javascript 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ttt4.com/maher/js/lazyload.js
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed37b417602c624034bbc47eeabf39101595b6b7f7b6d043b12d76ca96e5e93e

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334526
cf-request-id: 0870f0e01000000746a935b000000001
last-modified: Thu, 26 Sep 2019 20:25:02 GMT
server: cloudflare
etag: W/"5d8d1e9e-15d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QHocBiPEN5BcEVY9%2FRTy2ySqiKUY%2F4v4%2Fc5zkvfkqq%2Fx2LA67vsV4m6K68r7Yvz0hIBtsaHFxjPSZ9Fgup7Rsf2CpBJX8%2FLLXtnWwPrUXRjJuptQzZI49RA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 6261b7467b7d0746-FRA
expires: Sun, 21 Mar 2021 17:47:26 GMT

GET
H2 200 page_st6.gif
cdn.ttt4.com/maher/images/ 24 KB
24 KB 18ms
16ms Image
image/gif 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/page_st6.gif
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/style-orginal.css?v=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7609dfadb65296fbcca457ff5c6bba851b43943307f2834ccc9f31be4479c224

Request headers

Referer: https://www.ttt4.com/style-orginal.css?v=2.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334510
content-length: 24309
cf-request-id: 0870f0e0120000074641398000000001
last-modified: Fri, 11 Apr 2014 10:44:07 GMT
server: cloudflare
etag: "5347c777-5ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eZShF2LdFdAws463vN%2B78JLRedYPKcphZ7DzWLE6J2Xbh8PPHaAfZ%2FBamgSzT%2BeOu%2BXB2xlbKTjfObWGMEgOzdtkMuKai0Tv6H0hbBVBjewyxzzHYpCW1oQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b7467b890746-FRA
expires: Sun, 21 Mar 2021 17:47:42 GMT

GET
H2 200 page_st5.gif
cdn.ttt4.com/maher/images/ 4 KB
5 KB 14ms
13ms Image
image/gif 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/page_st5.gif
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/style-orginal.css?v=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3885bebadfd29d3a6912a014ea7a3e2c391c1b42b79cb5d35d9e8820e8286eb8

Request headers

Referer: https://www.ttt4.com/style-orginal.css?v=2.4
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 456357
content-length: 4340
cf-request-id: 0870f0e012000007468e002000000001
last-modified: Tue, 29 Nov 2011 23:49:28 GMT
server: cloudflare
etag: "4ed56f88-10f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MNNsktFFQRCPPw2hqMza33GA%2BjOygVOcjNHeZIjJN8W8o3VZu1Y%2FfoSx5fi6i76URKLJ7wb2G9a79d2dYPkWsg3mA1xohx9vx9Kd9uFn7EB8%2BEDJ2d7BSyA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b7467b870746-FRA
expires: Sat, 20 Mar 2021 07:56:55 GMT

GET
H2 200 async-ajs.min.js Show response
cdn.ad4game.com/ 3 KB
2 KB 63ms
15ms Script
application/javascript 151.139.242.3
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/async-ajs.min.js
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 23 Feb 2021 14:42:52 GMT
content-encoding: gzip
referrer-policy: no-referrer
last-modified: Tue, 09 Feb 2021 13:40:37 GMT
server: nginx
x-serveraddr: 10.100.0.151
etag: W/"602290d5-ca8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 1451

GET
DATA 200
OK truncated
/ 109 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dea962ded6b7bb1803e1d10fe3bde8e9b71ad87606e7b4388dfe9d27cea640e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.ttt4.com
URL: https://www.ttt4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc061da13dcea60089bfd2a9ed45106fb54a1817a8562e6270343366e0327699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zryLTwFFiOYRfilpAEFZsQ==
cross-origin-resource-policy: cross-origin
expires: Tue, 23 Feb 2021 14:47:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 44ys6/fWJ1lxJJheXQUvY34Eu3V7NZZY4Q/U7cxa8iYfDEGJk8QESHHw1JPEEXFUZ+lvZTFfoPPUeVTrxN/Avg==
x-fb-trip-id: 686109401
x-fb-content-md5: f14e4295a1bcba895f715f26060cb05b
date: Tue, 23 Feb 2021 14:42:52 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e9253897323e8249f12faaa9872a5a83"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 191 KB
58 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=53d13b8caaa82b6299968198799d0903&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8bac59fdfccebb6510422d5598de565aefe6bd1cdf2bc05f3e704e61e2cf9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.ttt4.com
Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Zm0CGVxI8ZewLNw0xMb03w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58517
x-fb-rlafr: 0
x-fb-debug: T05/5TZQnxn7Umhj2DQApXxV9pE0o/pDhuHCGzvpComoRdTgvgDQXK5JCsFMlvCyTdIyW+6rkNik1x1E2zsb7w==
x-fb-trip-id: 686109401
x-fb-content-md5: 17899ab80abcc7a5cb51aaee8acd507f
x-frame-options: DENY
date: Tue, 23 Feb 2021 14:42:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a4e0e7b811f5bf0257bce480a3e9989c"
timing-allow-origin: *
expires: Wed, 23 Feb 2022 13:44:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-245504-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2416
date: Tue, 23 Feb 2021 14:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Feb 2021 16:02:36 GMT

GET
H2 200 prebid.js Show response
cdn.ad4game.com/ 258 KB
97 KB 20ms
20ms Script
application/javascript 151.139.242.3
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad4game.com/prebid.js
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.3 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 8cd1cc7558309ce0839d31c56f33d5274b8b53e2472ec3deda3be24fcd3fe40c

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-servername: ads.ad4game.com\ 80\ 81
date: Tue, 23 Feb 2021 14:42:52 GMT
content-encoding: gzip
referrer-policy: no-referrer
last-modified: Thu, 11 Feb 2021 04:29:39 GMT
server: nginx
x-serveraddr: 10.100.0.151
etag: W/"6024b2b3-408c3"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
x-host: ads.ad4game.com
accept-ranges: bytes
content-length: 98968

GET
H/1.1 200
OK async-ajs.php Show response
ads.ad4game.com/www/delivery/ 6 KB
2 KB 440ms
118ms Script
text/javascript 192.207.255.147
AS-MNX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8664926&h=0&siteurl=https%3A%2F%2Fwww.ttt4.com%2F&c=UTF-8&z=63010,41771&b=3&x=3
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/async-ajs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: a0b12e6711153a5e2ad45bb982943eedc21d39395da6cc972e8b68987ccbec75

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-servername: ads.ad4game.com\ 80\ 81
Pragma: no-cache
Date: Tue, 23 Feb 2021 14:42:53 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"
X-serveraddr: 10.100.0.151
Cache-Control: no-cache, no-store, must-revalidate
X-host: ads.ad4game.com
Connection: close
Content-Type: text/javascript; charset=UTF-8
Expires: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1468248694&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ttt4.com%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B9%D8%A7%D8%A8%20%D9%85%D8%A7%D9%87%D8%B1%20Maher%20Games&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1865178250&gjid=2091361927&cid=523490765.1614091373&tid=UA-245504-3&_gid=1942572732.1614091373&_r=1&gtm=2ou2a1&z=326686586

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:42:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ttt4.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cyber-cars-punk-racing.jpg
cdn.ttt4.com/maher/images/thumbnail/ 10 KB
11 KB 23ms
23ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/cyber-cars-punk-racing.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a71ff2d6a12cd63eada38c3473972227cababd2cac1abcb4afb672fb8d46342

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 738024
cf-bgj: h2pri
content-length: 10741
cf-request-id: 0870f0e19e000007467f389000000001
last-modified: Mon, 15 Feb 2021 00:27:02 GMT
server: cloudflare
etag: "6029bfd6-29f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Yn2b82QpbujsiCe7dvPJDw3ArctWXvLYTSZnMJ25KLUsZr8FyA8KQyPBvPeLETApzGOzKFwEm4Y3ZHln6Ixjv5ReMieaS7r96fAV7v784X4YgU2kAiHtks%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b748f8340746-FRA
expires: Wed, 17 Mar 2021 01:42:28 GMT

GET
H2 200 temple-run-2.jpg
cdn.ttt4.com/maher/images/thumbnail/ 8 KB
9 KB 10ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/temple-run-2.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61ff312f213ee4e5a553417b0e376863eec8eb9bd62eefb5d6818ae5ba49ccef

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 823154
cf-bgj: h2pri
content-length: 8417
cf-request-id: 0870f0e19e000007463d28d000000001
last-modified: Sun, 14 Feb 2021 01:47:49 GMT
server: cloudflare
etag: "60288145-20e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lxcfdAGRN7FOZ2iU2aGKVtQRnb9vnBk6ByygT4VK3ftkThA8Jr0N9mN93tOAc0xjvH2TnbMwEjmV15P%2FVI8LMHRCILQpXyRlLHpIp3%2BfctAHWaLf1c572EY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b748f8370746-FRA
expires: Tue, 16 Mar 2021 02:03:38 GMT

GET
H2 200 adam-and-eve-go.jpg
cdn.ttt4.com/maher/images/thumbnail/ 10 KB
10 KB 13ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/adam-and-eve-go.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616472ecf104659e2788bd543077eb5f2f4294480302cfbd47b9eef27d76750a

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1102912
cf-bgj: h2pri
content-length: 10291
cf-request-id: 0870f0e1a1000007465ea0f000000001
last-modified: Tue, 09 Feb 2021 16:42:05 GMT
server: cloudflare
etag: "6022bb5d-2833"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K4xzvaqTWuV30MzKkWzIQrPg0qm0yJiFe30k4N0lBeTdSPFiLmIXD0A0MidyYp2Otj7j45AUIL65aByXcu0d3aaBOwSZT%2B7DdSPsBH2Zl1mUW1DtPGAfJ14%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749083b0746-FRA
expires: Fri, 12 Mar 2021 20:21:00 GMT

GET
H2 200 adam-and-eve-8.jpg
cdn.ttt4.com/maher/images/thumbnail/ 7 KB
7 KB 17ms
14ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/adam-and-eve-8.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c99d39b81d55c6657045677a7ea31d1786ab4dbddc1a4ce32acbacd4aed6234

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1104286
cf-bgj: h2pri
content-length: 6772
cf-request-id: 0870f0e1a200000746909bb000000001
last-modified: Tue, 09 Feb 2021 14:46:15 GMT
server: cloudflare
etag: "6022a037-1a74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uSzRiavEBHZ6Kqd%2Bc%2FI%2B4xNKbx0qR81%2F6Q65dmx63Z1NkPdkNmHPOIHQi19Zt5YkdNRhh3PbMPyCIxNnDGwnYBXF%2FPe6E1r5f8DSodExVxNdLP2qIxxKIGI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74908410746-FRA
expires: Fri, 12 Mar 2021 19:58:06 GMT

GET
H2 200 funny-rescue-zookeeper.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
13 KB 16ms
13ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/funny-rescue-zookeeper.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020c2557de3ec69a07664513c219fced0ec626f0b6033f1b26593539658659ba

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1123168
cf-bgj: h2pri
content-length: 12542
cf-request-id: 0870f0e1a20000074662019000000001
last-modified: Wed, 10 Feb 2021 14:26:21 GMT
server: cloudflare
etag: "6023ed0d-30fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BWOT2f2hzwYdiyKSabEkH%2Fm5DjuDeMUyjZRWi65rITWmyIuIQfoUSdLAgXEg%2FXUQSHqcLsxKjDeTquzSUtalk1RcNl6KeZYuMct2a3bg%2FzgyA1rUplE55QU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74908440746-FRA
expires: Fri, 12 Mar 2021 14:43:24 GMT

GET
H2 200 red-ball-6.jpg
cdn.ttt4.com/maher/images/thumbnail/ 11 KB
11 KB 15ms
12ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/red-ball-6.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5956c56a1babeffee7857dcde43858cc94760eaf73cd9182f79b5479b90255d5

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1124986
cf-bgj: h2pri
content-length: 10917
cf-request-id: 0870f0e1a3000007465fa15000000001
last-modified: Wed, 10 Feb 2021 13:50:46 GMT
server: cloudflare
etag: "6023e4b6-2aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ab9Mc44VNcImOFkLjdAQuL7o5U8imiu%2BnZuyZH8rjHqH7jolsLzmIEP9oFdMaFN%2F%2F307j%2F9M4We6CbV65XY3tcMrllVCKWiocINHylpgZ0fbboXlPMX2Prk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74908480746-FRA
expires: Fri, 12 Mar 2021 14:13:06 GMT

GET
H2 200 zombie-derby.jpg
cdn.ttt4.com/maher/images/thumbnail/ 8 KB
8 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/zombie-derby.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31c1db4cf32818d1898e8d29aef48936020fb06237582219e0e335dd3777931c

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1184784
cf-bgj: h2pri
content-length: 7802
cf-request-id: 0870f0e1aa000007468ab96000000001
last-modified: Tue, 09 Feb 2021 21:17:20 GMT
server: cloudflare
etag: "6022fbe0-1e7a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E0dDIP0Q1e8Hzc5VkR9Hf83A4%2FL6RdttfchT7nGnkossNhalPwhtI7%2BzU3Fn3rX0kAzdpCkg%2FT1OkIp5Eaaxc4Cl5MLtdLPIOFmw1qnB%2BJphMa5LS28EgSk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74908640746-FRA
expires: Thu, 11 Mar 2021 21:36:28 GMT

GET
H2 200 be-king.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
12 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/be-king.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425cb0d82cfdd99bfafcbc0ca9e8a0990b18b1aaf16c596b3906549eadc22ed1

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1310172
cf-bgj: h2pri
content-length: 12096
cf-request-id: 0870f0e1ad00000746443f7000000001
last-modified: Thu, 10 Dec 2020 14:59:24 GMT
server: cloudflare
etag: "5fd237cc-2f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w6rj8teRMYFdbfIIXIEpv4WNRWoKiWlvAQIiWBzaYfH33bjGAka134jRa0seBZF7ssypdRuIphXZ3BixnbA6mqTqTkJAnAIinm%2FU4emba%2FwdAorwNzCzX3U%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74918770746-FRA
expires: Wed, 10 Mar 2021 10:46:40 GMT

GET
H2 200 funny-nose-surgery.jpg
cdn.ttt4.com/maher/images/thumbnail/ 13 KB
13 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/funny-nose-surgery.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75d01a8ab462841241db5ffa8cb2d26cb67468b58dc8468ad0f19a5324ee8618

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 456145
cf-bgj: h2pri
content-length: 12837
cf-request-id: 0870f0e1b3000007463e18f000000001
last-modified: Mon, 08 Feb 2021 10:13:40 GMT
server: cloudflare
etag: "60210ed4-3225"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tAestvddQJJ4JyJxOKygmfhIBQ5XRYPlbnsfS%2BfdHTo3b3ynQ20TPjUvN3lCNXIwyLhtj4WulaUN0sdfShUCh6r7O5RfpEhNpn1FZKKBu6cWPdLe6vJ0zDU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74918900746-FRA
expires: Sat, 20 Mar 2021 08:00:27 GMT

GET
H2 200 baby-hazel-kitchen-fun.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
12 KB 10ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/baby-hazel-kitchen-fun.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5557925e7a407e603be7fd2cd862e7c5a294568ef01baac8afce4200413dcec9

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1312840
cf-bgj: h2pri
content-length: 12308
cf-request-id: 0870f0e1b3000007468ab98000000001
last-modified: Mon, 08 Feb 2021 09:53:14 GMT
server: cloudflare
etag: "60210a0a-3014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=un7%2Fy7S1WEq9JRIMj2HLRTKITfuGs4SMf7BN2Y6m2WmkfkipSawj4CMZ%2FSTyyilBwPg0cM3MBJD6CU0wB%2F64dgEXBC8rhnXwuwKlQ3UFQ1bsefiMwVufB5M%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74918910746-FRA
expires: Wed, 10 Mar 2021 10:02:12 GMT

GET
H2 200 run-over-zombies.jpg
cdn.ttt4.com/maher/images/thumbnail/ 7 KB
8 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/run-over-zombies.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511f7b7d3ec1db80b1c90cb073d3ce0cbedb4dc39a4f36eb52b214331ba19b33

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1476170
cf-bgj: h2pri
content-length: 7514
cf-request-id: 0870f0e1b3000007462b272000000001
last-modified: Sat, 06 Feb 2021 12:28:37 GMT
server: cloudflare
etag: "601e8b75-1d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iTcCg73OVAqBh2iBjY5PPRkBew9y0yb9lOulJcNBFb3F7NAGg3tLthHvsJQk3Sy9u3GZNzFabqRgDtHfyzggiVH5IMXK7RbBjdsQUkH94PC1DvvsBAYM5KU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74918930746-FRA
expires: Mon, 08 Mar 2021 12:40:02 GMT

GET
H2 200 wheely-6.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
12 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/wheely-6.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97e822379164f4254532c743715222e913192ec4ded1d02063fed6aa56344295

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1482915
cf-bgj: h2pri
content-length: 12004
cf-request-id: 0870f0e1b7000007466f3a4000000001
last-modified: Sat, 06 Feb 2021 10:42:15 GMT
server: cloudflare
etag: "601e7287-2ee4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7GXVzZQ0ukV6x2oFIpgKG6n1PlpSJ2meFj1RdHnlT%2BNuzFb8MMD0GLOPSfYeaBEf%2B%2FLYyZbt7kgQW8UY80Ia2nKim13vJ8cYyHXYyfmT1lVG%2B3QaUk9KpnY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74928960746-FRA
expires: Mon, 08 Mar 2021 10:47:37 GMT

GET
H2 200 who-will-win-the-million.jpg
cdn.ttt4.com/maher/images/thumbnail/ 4 KB
5 KB 10ms
9ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/who-will-win-the-million.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8998e1891d8c0438539d93f6f7cb156bd1add074ec7ae271529041072ead7945

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334008
cf-bgj: h2pri
content-length: 4390
cf-request-id: 0870f0e1b700000746581c5000000001
last-modified: Sun, 30 Oct 2011 09:29:52 GMT
server: cloudflare
etag: "4ead1910-1126"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sf2BuXrO0Ujg%2Bkvkx1jMX7nSvsPyIWhhnPm4rkQddw%2BE182pWlk6MsNgl6vtk%2BWlY11r68ZOSTb3hbDTtd0g9uWGNbogJYmQrnVIEqkPeiL6bCReKPkqlgA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74928970746-FRA
expires: Sun, 21 Mar 2021 17:56:04 GMT

GET
H2 200 car-traffic.jpg
cdn.ttt4.com/maher/images/thumbnail/ 9 KB
9 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/car-traffic.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e411b3a77e5e6d116d49bf63a03765982bb19402c2dc93bdd44f189060e4562

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2077316
cf-bgj: h2pri
content-length: 8927
cf-request-id: 0870f0e1b90000074633215000000001
last-modified: Sat, 30 Jan 2021 13:32:22 GMT
server: cloudflare
etag: "60155fe6-22df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Y%2FCPQTR4H4uNHXGa0pAtJ3CxDHnwFI2g7zWhucm1Ek71KUf3ND%2BYAL%2BiM%2BRwNd5VJ3tEjqYhpPCNQtkuffOA6s1%2Bb4BVA1hEPWkRJdh2Q7T4EIuNasNtiY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749289d0746-FRA
expires: Mon, 01 Mar 2021 13:40:56 GMT

GET
H2 200 free-new-york-taxi-driver-3d-sim.jpg
cdn.ttt4.com/maher/images/thumbnail/ 15 KB
15 KB 16ms
13ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/free-new-york-taxi-driver-3d-sim.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4ac975bcdda6b6c93ac0a5ca0993776f4e585f937e63a0bb9575c69124efc25

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334483
cf-bgj: h2pri
content-length: 14934
cf-request-id: 0870f0e1c0000007468bbc4000000001
last-modified: Fri, 08 Jan 2021 09:51:56 GMT
server: cloudflare
etag: "5ff82b3c-3a56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tGNr0MqyXSdctvbkVwPGojh%2Fb1iSb%2BX%2BpOeOo1F4fz1MM13m2oU%2Fa0qw4kxaUs11mVFjz%2BTI3jUjBFSaAVsUuxn7PJgRgfpWW3C7cHMXA%2FOabYVhekC%2BFv4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74938ae0746-FRA
expires: Sun, 21 Mar 2021 17:48:09 GMT

GET
H2 200 krunker-io.jpg
cdn.ttt4.com/maher/images/thumbnail/ 10 KB
10 KB 12ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/krunker-io.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f03db3ac6470a1a7cb0035afc1aeb25bfab7c593f484532b78472165efccf49

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333949
cf-bgj: h2pri
content-length: 9910
cf-request-id: 0870f0e1c0000007463ab85000000001
last-modified: Tue, 10 Nov 2020 21:47:42 GMT
server: cloudflare
etag: "5fab0a7e-26b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gKVKtody41f%2BTOoX1RmfhvKvPCptVnjrmwJyY1QxHWW%2B3%2BCjQDxAzsVPaqIBLQ2eLZc866CDv8HHIi95QzdZWXkpUsNV%2FbXwkTCeq2s7h%2BmwIox8wwzzfig%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74938b10746-FRA
expires: Sun, 21 Mar 2021 17:57:03 GMT

GET
H2 200 moto-x3m-3.jpg
cdn.ttt4.com/maher/images/thumbnail/ 11 KB
12 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/moto-x3m-3.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e79178eecebe5f108edd1c06fe30b4e335f30ffa440b12dd22adea8061b346d

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:52 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334483
cf-bgj: h2pri
content-length: 11503
cf-request-id: 0870f0e1c1000007467e80b000000001
last-modified: Tue, 10 Nov 2020 21:48:49 GMT
server: cloudflare
etag: "5fab0ac1-2cef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j0QZNOfZp3EqMG%2BiQ%2BmAntp39ja56g6ToCNUToR%2BtT%2FpZu%2BqDIUBR1wLrQb3s2gqD%2Flv9UiHJ1J7G3jU6DIivmoA86mIErqwGRX%2FNOEVFiHs1Ke5TD2k8H0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74938b30746-FRA
expires: Sun, 21 Mar 2021 17:48:09 GMT

GET
H2 200 escaping-the-prison.jpg
cdn.ttt4.com/maher/images/thumbnail/ 6 KB
6 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/escaping-the-prison.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4bcc0724f6e712c79852ea183bf3d4da5a6301703ab33730c6a998320422b73

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 620886
cf-bgj: h2pri
content-length: 5859
cf-request-id: 0870f0e1c1000007467f38b000000001
last-modified: Sat, 23 Jan 2021 21:13:05 GMT
server: cloudflare
etag: "600c9161-16e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J8qvOiMM78vN8XQDLRQIeKgBL8%2FdAX2kBSn5GbSUd9s5kjc4kY5EdcxfODthew%2FH5mDOyJy4OQiuRqUFvOWltconpvQFOnC6XcRA2nptb9nmzOZWyxfdpUs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74938b40746-FRA
expires: Thu, 18 Mar 2021 10:14:46 GMT

GET
H2 200 grand-shift-auto.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
13 KB 12ms
12ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/grand-shift-auto.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4597e814de06ead29e261e695ca5845318c30fcec6d2a65ed67d5e849d8d7b

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333879
cf-bgj: h2pri
content-length: 12711
cf-request-id: 0870f0e1c5000007465fa19000000001
last-modified: Sun, 13 Dec 2020 13:17:31 GMT
server: cloudflare
etag: "5fd6146b-31a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8U7yLTbgl0MGpxrIvG3VBFu6IRAGnDsSmUroO%2BvmuHYAI%2FjiQh%2FjHG7i2f6Lp3iIpQpkvHeC62%2F%2BOLoLGlVa7k1%2B8NWmWJcSu%2Fem5GA2nCfSREOaZqMMeK4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74938ce0746-FRA
expires: Sun, 21 Mar 2021 17:58:14 GMT

GET
H2 200 train-driver.jpg
cdn.ttt4.com/maher/images/thumbnail/ 9 KB
10 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/train-driver.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9810cb1d11dc4a6a4a0c47f43e6fe2edd4763e356eb164b8afa71d0cb5ddafa

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 456174
cf-bgj: h2pri
content-length: 9482
cf-request-id: 0870f0e1c8000007462b9cd000000001
last-modified: Tue, 02 Feb 2021 12:07:52 GMT
server: cloudflare
etag: "60194098-250a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vscF%2FhATq79%2FqPnE4aUn%2F8Ly4B3JwidVp6nGlmG8mK4o7XwydJqgX3TfDJ8u3xnJ7584f%2B%2BsaYHwqLJaox4o9PdqveNB%2FShdgck34cEMo4ZE6hR01w6GLQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74938d30746-FRA
expires: Sat, 20 Mar 2021 07:59:59 GMT

GET
H2 200 offroad-cycle-3d.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
12 KB 10ms
9ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/offroad-cycle-3d.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f5360a322c2ca5a0fa8135c08d649cd7348d27baba73dbb21e4e50fed717d27

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 456372
cf-bgj: h2pri
content-length: 12327
cf-request-id: 0870f0e1cd00000746769a0000000001
last-modified: Sat, 16 Jan 2021 20:10:59 GMT
server: cloudflare
etag: "60034853-3027"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BOarHePbYvdGO9TA0gjyEjeqCZeyXJu5hXqiuG0gviwhPsOrwchzHO0qhHGcvB8B%2BJjgQSPdJQvdPjH7s7xTjsOVT2XHmJvvv72eYF3Fxtw3BFhJ7pmDiWY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74948de0746-FRA
expires: Sat, 20 Mar 2021 07:56:41 GMT

GET
H2 200 world-football-soccer.jpg
cdn.ttt4.com/maher/images/thumbnail/ 7 KB
7 KB 13ms
12ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/world-football-soccer.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e06f5493e5454ca306517848c88ec1c70e5fec96628853b0a386120c7cb2c670

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 428692
cf-bgj: h2pri
content-length: 7287
cf-request-id: 0870f0e1cd000007467e80c000000001
last-modified: Mon, 25 Jan 2021 16:17:35 GMT
server: cloudflare
etag: "600eef1f-1c77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UtoGGmvlgE0EfiAK41UuZPsQTtYhRoG0EtRUfSDaq0RO65QNyXTFnFP17aFxjEOy2yyvxWs%2FPyabOfBQNyf05tYIZau8fp0wl%2FAgdHlMwDeVmwYsGjDsMFY%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74948e30746-FRA
expires: Sat, 20 Mar 2021 15:38:01 GMT

GET
H2 200 subway-surf.jpg
cdn.ttt4.com/maher/images/thumbnail/ 19 KB
19 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/subway-surf.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c1c9d1d14eddcd48f860bb956c08334a1ed1ac339097be1ecefc14bd62ad790

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333879
cf-bgj: h2pri
content-length: 19382
cf-request-id: 0870f0e1d000000746a9383000000001
last-modified: Thu, 31 Dec 2020 04:52:52 GMT
server: cloudflare
etag: "5fed5924-4bb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5lowJ1Iez2QVcWdxVshgcbEF4C5Ip3ihHM49qh1eLkCnvEFTSSTLrgAvRxpzaZcEyHfA8X%2B83h6y%2FxmJeVi%2FLfY2RVbFGMm0Nr%2FUJblxIZFCLJd8RMM7xM0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74948ef0746-FRA
expires: Sun, 21 Mar 2021 17:58:14 GMT

GET
H2 200 supra-drift-3d.jpg
cdn.ttt4.com/maher/images/thumbnail/ 9 KB
9 KB 11ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/supra-drift-3d.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47545ca60ccb80161a6d21eaf5a1db28b957e36fff1387f3aa6430cd2ebaa522

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334484
cf-bgj: h2pri
content-length: 9160
cf-request-id: 0870f0e1d0000007468e029000000001
last-modified: Thu, 14 Jan 2021 15:51:21 GMT
server: cloudflare
etag: "60006879-23c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vsFGISzhMuvBfPL5M0kGsF9hGWWvpDOS5wpT8fNfAaUJrArbcLWlyAjUTy6m35ERg13uUnKoezVe%2BGLr%2FP4tdJVVKaxg%2BbBD21GevpjK4ZYdqjbR8P7U61Y%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74948f20746-FRA
expires: Sun, 21 Mar 2021 17:48:09 GMT

GET
H2 200 zombie-hunters.jpg
cdn.ttt4.com/maher/images/thumbnail/ 14 KB
14 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/zombie-hunters.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: affc78313af74cb556ddb4bda187a4b095f0b7cf720e0111bd8a2e98d564fd19

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 456060
cf-bgj: h2pri
content-length: 14147
cf-request-id: 0870f0e1d4000007467183a000000001
last-modified: Mon, 23 Nov 2020 19:51:05 GMT
server: cloudflare
etag: "5fbc12a9-3743"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bg1%2BydQcWV1OkWOFQjCLOj47Dr4kJp7VJLfLjCxkLh724As6LpDN%2BEORh1K5520%2Fc2VDtb%2BatFMT14EkqA9hD%2FfFy2BdTT9AtlFLL9eqU%2FWvxitK7Wx3XDo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74958fc0746-FRA
expires: Sat, 20 Mar 2021 08:01:53 GMT

GET
H2 200 puzzle-maniax.jpg
cdn.ttt4.com/maher/images/thumbnail/ 7 KB
7 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/puzzle-maniax.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29e41f9b1a649e30f8daf4e4add9d35dbae465d21792d1de5df85e31b8c731a4

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 329888
cf-bgj: h2pri
content-length: 6667
cf-request-id: 0870f0e1d4000007463e90a000000001
last-modified: Mon, 18 Jan 2021 16:31:22 GMT
server: cloudflare
etag: "6005b7da-1a0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0BpIkK5nwaxUE7q9aPZa72aZbq%2F6SS8iiWae6QfeLRVMhrb2UIDKwLix9dZJQUiKA2mQej8P%2BBKG%2FaOiYUb7MJ98aBW2bNBisoWHqETJ%2Bp6soMAaT5jqG1g%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74958fe0746-FRA
expires: Sun, 21 Mar 2021 19:04:45 GMT

GET
H2 200 mario-adventure-2.jpg
cdn.ttt4.com/maher/images/thumbnail/ 4 KB
4 KB 11ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/mario-adventure-2.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d3085f32cdded06c472cbd302ae77007f446f819f276e3cfdd6de5fe933760

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333840
cf-bgj: h2pri
content-length: 4018
cf-request-id: 0870f0e1d80000074667149000000001
last-modified: Sun, 30 Oct 2011 09:27:34 GMT
server: cloudflare
etag: "4ead1886-fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tNtmYmoDBUzcBVhuPEc0ibU5Zn5RACrR0sXsjXTzvhvWGQMM4obJ8L2%2Fw1R3%2FIzS6A8Q7O1NidXXk3l2R0D3Coyw8YxByovrncSx6xP0MvW%2F6r9yy0DzjFE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74959060746-FRA
expires: Sun, 21 Mar 2021 17:58:53 GMT

GET
H2 200 adam-and-eve.jpg
cdn.ttt4.com/maher/images/thumbnail/ 15 KB
16 KB 11ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/adam-and-eve.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d114ff11fcd2086e63bbf66b6503efa195594156372fd392ca6cd4ff145f9f84

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 454899
cf-bgj: h2pri
content-length: 15625
cf-request-id: 0870f0e1dc000007466b82f000000001
last-modified: Fri, 01 Jan 2021 01:16:37 GMT
server: cloudflare
etag: "5fee77f5-3d09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3GJQi%2FjtiBP%2F1wGe5P0pc8z27v%2FdqlntchZU6b8oXORDAsA1bQrGd%2FWyTVWggp3udtIf0vF4TOcFP2ACr3zK2tP4dY3ZQX43riz6IMdOD2ZIP8llJS4uCdo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749590a0746-FRA
expires: Sat, 20 Mar 2021 08:21:14 GMT

GET
H2 200 slap-king.jpg
cdn.ttt4.com/maher/images/thumbnail/ 15 KB
16 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/slap-king.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38bc20d52c61eae2779bd87b131dce86f86957a3e09f02b969a77e94d7acfc32

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 332420
cf-bgj: h2pri
content-length: 15825
cf-request-id: 0870f0e1dc00000746769a1000000001
last-modified: Wed, 18 Nov 2020 08:03:59 GMT
server: cloudflare
etag: "5fb4d56f-3dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Zy%2FWiLS4xkgLrHjRz9FuBcpQjNRNU%2FbbULEaUi5fxw%2FpClYfuskDq7fFxxswHLm%2FBGIKYuRVWCETMU%2BypkkKbf5I0uGCnBXm18DWy%2BScoZX8hARE1%2BniYc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749590c0746-FRA
expires: Sun, 21 Mar 2021 18:22:33 GMT

GET
H2 200 basketball-stars.jpg
cdn.ttt4.com/maher/images/thumbnail/ 13 KB
14 KB 13ms
13ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/basketball-stars.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e66761d586d732639b766ef241457f7050126dfde3480a46673416cc9f81a3d

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 454730
cf-bgj: h2pri
content-length: 13786
cf-request-id: 0870f0e1df000007463e191000000001
last-modified: Tue, 10 Nov 2020 21:46:15 GMT
server: cloudflare
etag: "5fab0a27-35da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MCW4BMzWJpgdvGGL5OULyu7IlBOAjBEW%2Br0KoewadDnfHXy40hJEMOo%2F0QxflcVel0k6VViMFTenP1sKl0u0F8N5wH%2FdbLA6hfLq7pV8ihd8%2FbyFUAYr0zo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74969140746-FRA
expires: Sat, 20 Mar 2021 08:24:03 GMT

GET
H2 200 airport-rush.jpg
cdn.ttt4.com/maher/images/thumbnail/ 13 KB
13 KB 10ms
8ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/airport-rush.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ad9444e5e5f21ac2684040d22d2471f64ba11ed0a23a526d4737734c90fede7

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333925
cf-bgj: h2pri
content-length: 13388
cf-request-id: 0870f0e1e100000746a4bb0000000001
last-modified: Mon, 14 Dec 2020 09:13:44 GMT
server: cloudflare
etag: "5fd72cc8-344c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BfLV69mAXqD71uIRGaV0h2ZuIWWgHg89ODTM4u%2Bxk8eUc%2B%2Bu4JQcsWSGnprCTE05C4FRUJJxuqp9%2F%2BFKAtTAklhkUS%2BrFamClWYrWKAcAIzsRph4bYqunyM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749691a0746-FRA
expires: Sun, 21 Mar 2021 17:57:28 GMT

GET
H2 200 love-meter.jpg
cdn.ttt4.com/maher/images/thumbnail/ 6 KB
6 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/love-meter.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631f5242e0cb15b0cf69c4129f1f80c891fd89787af79d31a0090e55047c7f10

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 455733
cf-bgj: h2pri
content-length: 6082
cf-request-id: 0870f0e1e4000007468e02b000000001
last-modified: Sun, 30 Oct 2011 09:27:30 GMT
server: cloudflare
etag: "4ead1882-17c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wMCz7V4DTALRcBqKPeLLgSDOkJDoSsHsk9e%2FLGQXxjZ5ivGyUpgydN4veyYrVypl%2FiMo4eb0p%2FzWjum%2F%2BMANQ2wjjSnhCjTujTgTDKHmOah5GrRTFo2AdcQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749691e0746-FRA
expires: Sat, 20 Mar 2021 08:07:20 GMT

GET
H2 200 furious-racing-3d.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
12 KB 12ms
11ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/furious-racing-3d.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d3c97e756484a4e9f83da4a830df89ee8d0b1f517cbde1773e410985d521e6

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 456349
cf-bgj: h2pri
content-length: 12096
cf-request-id: 0870f0e1e4000007468524f000000001
last-modified: Fri, 18 Dec 2020 14:52:54 GMT
server: cloudflare
etag: "5fdcc246-2f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J1QlJyD8mqRZi72jCkwq80WbRazTVSkbkCwpIfrVJTN2nhyAl7MX2rGXidCUwuIs4MaqJw3AfWOeGM21GGU8mFlUpZ7ZTYLHmw5KdR4SSJxrVx6oh8blM%2Bg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749691f0746-FRA
expires: Sat, 20 Mar 2021 07:57:04 GMT

GET
H2 200 princess-halloween-makeup.jpg
cdn.ttt4.com/maher/images/thumbnail/ 13 KB
14 KB 10ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/princess-halloween-makeup.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799315868f339547245dd172f2309a1fd7ae25fddf9ab2761c939be2ecb90772

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333937
cf-bgj: h2pri
content-length: 13707
cf-request-id: 0870f0e1e8000007467c3b5000000001
last-modified: Thu, 10 Dec 2020 04:23:37 GMT
server: cloudflare
etag: "5fd1a2c9-358b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wIaESwT%2B6hbJnKGQxOTVl7MI2UhUdMLX66AALri1Xr9aONT4wOVGXgZMDxgqjASBRwloLzn73%2F9KoWDLQ00vcbyB4G4iiSfSKnHElM6YrOA0kVOPfqJKr%2B8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749792c0746-FRA
expires: Sun, 21 Mar 2021 17:57:16 GMT

GET
H2 200 frozen-double-trouble.jpg
cdn.ttt4.com/maher/images/thumbnail/ 12 KB
12 KB 11ms
10ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/frozen-double-trouble.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3059d648f494d75adc15c080ca1e39c0583d0b47606a7accad6b81841b6b81e

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 334464
cf-bgj: h2pri
content-length: 11939
cf-request-id: 0870f0e1e8000007469a2ce000000001
last-modified: Tue, 10 Nov 2020 21:47:42 GMT
server: cloudflare
etag: "5fab0a7e-2ea3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k7DdTz%2FszlpdC0pbfxq0jkKYttFMS4UAh2vHdj1JwLrAvdWxi0zC31TjhRjpMUzAQG6fY9N7kGdOVpEhRaCXCs%2BZGbgs0Kwm%2FNhQ%2B0oSCCgtwvr9aA4GPfc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b749792d0746-FRA
expires: Sun, 21 Mar 2021 17:48:29 GMT

GET
H2 200 uno.jpg
cdn.ttt4.com/maher/images/thumbnail/ 11 KB
11 KB 11ms
9ms Image
image/jpeg 2606:4700:20::681a:fb3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ttt4.com/maher/images/thumbnail/uno.jpg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fb3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 729a2ac0024a0373951287e7972036da81501280cbd7f63c45f1ba3db73b9a2a

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 333402
cf-bgj: h2pri
content-length: 10838
cf-request-id: 0870f0e1ed000007469f383000000001
last-modified: Tue, 10 Nov 2020 21:49:12 GMT
server: cloudflare
etag: "5fab0ad8-2a56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TjZ4o3BansQfIO0KmCqr7S203LCtHNUve71HdRINXKvC5xEmlbKdPOAI9TOOr2w6AMopIktqfRhV29fvSYOs97BBFfMCvWKc0boemtf%2FjmTe5OM5%2BWQO1f8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6261b74979460746-FRA
expires: Sun, 21 Mar 2021 18:06:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ads.ad4game.com
URL: https://ads.ad4game.com/www/delivery/async-ajs.php?v=1&cb=a4g8664926&h=0&siteurl=https%3A%2F%2Fwww.ttt4.com%2F&c=UTF-8&z=63010,41771&b=3&x=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09d353af2007e6c46308991eeb0281c06fefbffab294c01c17a4dd93165b8ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "792 / 542 of 1000 / last-modified: 1614082486"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19460
x-xss-protection: 0
expires: Tue, 23 Feb 2021 14:42:53 GMT

GET
H/1.1 200
OK bid Show response
ads.ad4game.com/v1/ 5 KB
2 KB 538ms
325ms XHR
application/json 192.207.255.147
AS-MNX

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.ad4game.com/v1/bid?if=0&siteurl=https%3A%2F%2Fwww.ttt4.com%2F&size=160x600%3B728x90&id=215c08bdde7a76%3B3b91e3723c2b68&zoneId=63010%3B41771
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.207.255.147 , United States, ASN62821 (AS-MNX, US),
Reverse DNS: haproxy2.ad4game.com
Software: nginx /
Resource Hash: b1950b2f67ef6cdff5a1a0ad4809f525b651d660551a8d891c1f2cce42db7e8c

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 23 Feb 2021 14:42:53 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.ttt4.com
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Application-Context: application:12065

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
369 B 132ms
85ms XHR
application/json 184.31.84.150
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=610022&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22418b9cb68ce43a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.ttt4.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A2%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225cf5708dde1488%22%2C%22ext%22%3A%7B%22siteID%22%3A%22610022%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2269d5fd09562f1c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22610021%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.ad4game.com
URL: https://cdn.ad4game.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 831eef7718072c7fef9dbcd3774ea36d1ecdf6552bb11b2231293d84663af5ef

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:42:53 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[NL], RC:[], CN:[EU], CIP:[185.212.171.67], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.ttt4.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Tue, 23 Feb 2021 14:42:53 GMT

GET
H2 200 pubads_impl_2021021701.js Show response
securepubads.g.doubleclick.net/gpt/ 291 KB
103 KB 79ms
30ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

2fc82ebe208dec1743b56fd6e8b0be2d6c6537b2ae9945ba8e168b83f2498c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Feb 2021 09:39:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104514
x-xss-protection: 0
expires: Tue, 23 Feb 2021 14:42:53 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 2AD8 33 KB
13 KB 96ms
95ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=53d13b8caaa82b6299968198799d0903&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3931e452fd26e27a9c4a4d2c1bed51031992236132de01f189e40416a4eb34b2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ttt4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ttt4.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: UzTb8vwiUyq+r1Gv+tkrvxjyxXxExADc/Br4tvXybg9A8ihKDSQ/cIuhh93PL5OK4YSn4wKkDPUBRy+exnGrbg==
date: Tue, 23 Feb 2021 14:42:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 2AD8 400 B
671 B 6ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: qThsALBtzsGqcYvtyqXAATkIO+9EHhZVQF7HBBhbmNAjTPQLD8n3kZr5UQ87pBJStu/zJHI9le21VXrMS4rm+Q==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 16 Feb 2021 20:07:16 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 16 Feb 2022 20:07:16 GMT

GET
H2 200 j37dMD2npOS.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yu/l/en_US/ Frame 2AD8 477 KB
123 KB 6ms
6ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yu/l/en_US/j37dMD2npOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

921dbf87a287f65d88b40b028fadbf3550463739ec03a519d36dc8ae94404d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: 5gqIsNm9El0Im2WWayokOLT35PYVgjPsswCPwNNYT+uku7nO7X4zE+SxWoU0v+/81NtlHGFK1uiDWvRX7FzxtA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mJMotsRi6aL0pgNLyBHUBQ==
date: Tue, 23 Feb 2021 04:18:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 125436
x-fb-rlafr: 0
expires: Wed, 23 Feb 2022 04:18:36 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 2AD8 67 B
758 B 102ms
98ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1614091373436&t_start=1614091373436&t_domcontent=1614091373445&t_layout=1614091373462&t_onload=1614091373463&t_paint=1614091373463&t_creport=1614091373463&t_tti=1614091373445&lid=6932469659954961001-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df44c36f9e3e904%26domain%3Dwww.ttt4.com%26origin%3Dhttps%253A%252F%252Fwww.ttt4.com%252Ff2716fa8a806b9%26relation%3Dparent.parent&container_width=600&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D8%25A7%25D9%2584%25D8%25B9%25D8%25A7%25D8%25A8-%25D9%2585%25D8%25A7%25D9%2587%25D8%25B1%2F150424148383278&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: BhpTnHmVYP4+s9KUL2fHLVshCgSyF5KlJev5ChwXGz1uo4JID4nIRffYmjPqeWAkBSGkfDBl5p1/nwBl2mnpnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 23 Feb 2021 14:42:53 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
692 B 67ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_urg_spr&pvsid=191361105636439&vrg=2021021701&nw_id=60257202&nslots=2&eid=21068891%2C31060198%2C31060211%2C44734254&pub_url=https%3A%2F%2Fwww.ttt4.com%2F&start_time=1614091373679&end_time=1614091373680&num_slots_filtered=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:42:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 48ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.ttt4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 14:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 48ms
28ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ttt4.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 14:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
31 KB 364ms
335ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=191361105636439&correlator=932570942554644&output=ldjh&impl=fifs&eid=21068891%2C31060198%2C31060211%2C44734254&vrg=2021021701&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210223&iu_parts=60257202%2CTtt4.com-Google-160x600(New)%2CTtt4.com-Google-728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=160x600%2C728x90&prev_scp=hb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D160x600%26hb_pb_a4g%3D0.51%26hb_adid_a4g%3D215c08bdde7a76%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D160x600%26hb_pb%3D0.51%26hb_adid%3D215c08bdde7a76%26hb_bidder%3Da4g%7Chb_format_a4g%3Dbanner%26hb_source_a4g%3Dclient%26hb_size_a4g%3D728x90%26hb_pb_a4g%3D0.05%26hb_adid_a4g%3D3b91e3723c2b68%26hb_bidder_a4g%3Da4g%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D3b91e3723c2b68%26hb_bidder%3Da4g&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614090329&dt=1614091373708&dlt=1614091372521&idt=785&frm=20&biw=1600&bih=1200&oid=3&adxs=1429%2C669&adys=478%2C170&adks=296907753%2C1248503751&ucis=1%7C2&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.ttt4.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=170x600%7C1374x90&msz=160x-1%7C728x-1&ga_vid=523490765.1614091373&ga_sid=1614091374&ga_hid=1468248694&fws=4%2C4&ohw=1600%2C1400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

50c29c69ee12a6da4c901b195bf6d1285009bd5ba4db75099d88939b6f77090a

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMG94feegO8CFQmbewodEzwJhQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/2522908643960029184/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMG94feegO8CFQmbewodEzwJhQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/2522908643960029184/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30239
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
date: Tue, 23 Feb 2021 14:42:54 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.ttt4.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 30ms
15ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html Show response
e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 5A66 6 KB
3 KB 35ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ttt4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ttt4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Feb 2021 14:42:53 GMT
expires: Wed, 23 Feb 2022 14:42:53 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032101070013000/ Frame E4B7 185 KB
53 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0f59622e2b26255471d645d7d7f8d43af7ba7afcd7933e873bf6dd091b667e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22987
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53774
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 08:19:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b7a446e7a0853ea3"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 08:19:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032101070013000/v0/ Frame E4B7 12 KB
5 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22987
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 08:19:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 08:19:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032101070013000/v0/ Frame E4B7 87 KB
27 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 2868
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 13:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 13:55:06 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032101070013000/v0/ Frame E4B7 3 KB
1 KB 40ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22987
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 08:19:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 08:19:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032101070013000/v0/ Frame E4B7 40 KB
13 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 22987
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Tue, 23 Feb 2021 08:19:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 08:19:47 GMT

GET
DATA 200
OK truncated
/ Frame E4B7 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cee154c1bde4d6403fbca4cccb80899e57fa2fbfd2a0edd4476542137b81eb2e

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 5181252516783846553
tpc.googlesyndication.com/simgad/ Frame E4B7 98 KB
98 KB 37ms
20ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5181252516783846553?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlp3_7so2B98TlA6JZ1eKYQ27LMeg

Requested by

Host: www.ttt4.com
URL: https://www.ttt4.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de35c207e00e170b91eba5c6ec42ea0c55ce4f906ef058521d9d8bf296048087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 22 Feb 2021 19:39:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Feb 2021 08:57:06 GMT
server: sffe
age: 68589
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99880
x-xss-protection: 0
expires: Tue, 22 Feb 2022 19:39:45 GMT

GET
H3-Q050 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E4B7 3 KB
3 KB 29ms
13ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Host: www.ttt4.com
URL: https://www.ttt4.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 03:21:26 GMT
x-content-type-options: nosniff
server: cafe
age: 40888
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2737
x-xss-protection: 0
expires: Wed, 24 Feb 2021 03:21:26 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E4B7 344 B
439 B 30ms
14ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.ttt4.com
URL: https://www.ttt4.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 09:04:24 GMT
x-content-type-options: nosniff
server: cafe
age: 20310
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 24 Feb 2021 09:04:24 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E4B7 0
0 63ms
62ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6_7YbRQ1YILTMIm27gOT-KSoCNGf-MdhsI-my_kMvsGp4ZUOEAEgopmhHGCRhJOF_BegAfeuoM8CyAECqQJBcHe4ik-BPuACAKgDAcgDCKoEyQFP0Fs87bg4Yst2W-iu2cyVR6HpSCJuuy1slao4s7aTiXKxxX_xbqC2CJQemsTJhNMkPRDr3caJV8q_BuGII3ubpoh7WvvSRKBMrU4tQZ0tW2eMe-OpAib7GIk2xcLRZ0DBwVZcMehieIjFZVqlDHND1i7H2ltVl443TioQyAWyuallxMI5M95iVtHexuL-gT-TRSlUEZOTBtCQtPC2Xr9_dNbSwRGp41Lq_UWKXsut34qhQtmw_V53zTliq0ibai5ZMKStCTBniHPABOrJxfLCA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfT1tTqAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDW4RjSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTM4OTczNjE0Nzc1NTExMTGACgPICwHYEwyyFxoKGAgAEhRwdWItMTIzMjI2NTM5OTQxNzMwMg&sigh=1LvXWblf2fc&tpd=AGWhJmtJGnrubz75I5tjwm_q-TMMNJZfZTEGqnLHmAY-ZKFRzQ
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 63ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997197137185"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28345
x-xss-protection: 0
expires: Tue, 23 Feb 2021 14:42:54 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18b857c59024092e3c20f5d3b77697c43d15cd5ce3016c333b5f5c253eb10e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Feb 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6465
x-xss-protection: 0

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/ Frame 1FF6 118 KB
29 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html

Requested by

Host: www.ttt4.com
URL: https://www.ttt4.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f3b91f7f5267d65968963346a50a9850b776fdb04133f8102a07c1242ec5ef

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2522908643960029184/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Fri, 19 Feb 2021 04:04:34 GMT
expires: Sat, 19 Feb 2022 04:04:34 GMT
last-modified: Thu, 17 Sep 2020 04:15:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 28013
age: 383900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A66 0
0 63ms
63ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1ubfbRQ1YIHTMIm27gOT-KSoCLiVu5BgwoT7-d8Lt5iPho4LEAEgopmhHGCRhJOF_BegAaSlr8UDyAEJqQJBcHe4ik-BPuACAKgDAcgDAqoExQFP0MGtdYtsEe8u77giEnquwXRgChA9XhrpsLzh9htqbYhEqZGqxQcm4cQzwvcqnOwKAMmPeBWC4Y1AJz_ozyXpELVntG_xA9VNuqID61PjY5vQtsW7eMb5i6VJ2m4o-3J2t7YoPiIoQDShQcb8oGX3JDfTHB25eZErcaN2QbUDExaBVaFLCiDTnadB0jbS5VnaBvKQbvIxRuShuIkUA9wamUan2KVol-nUVyth0aLkgkkUcc2q35RJk5YiRsPK4Kv4K1T238AEhLK0rmTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGXYAHxNrQOqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDDzyrSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTM4OTczNjE0Nzc1NTExMTGACgPICwHYEwKyFxoKGAgAEhRwdWItMTIzMjI2NTM5OTQxNzMwMg&sigh=O3ltqcGAc3U&tpd=AGWhJmuvsjJq66dyEX__mhSJRrAWRHYBxkxZZ840ZYrn-ekyOg
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28E5 143 B
244 B 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 23 Feb 2021 14:41:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 89
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame 5A66 3 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/window_focus_fy2019.js

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 14:37:21 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A66 107 KB
33 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997191106504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Tue, 23 Feb 2021 14:42:54 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/ Frame 5A66 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210217/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:37:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Mar 2021 14:37:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5A66 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCqTx6YPiBBgKXUQ5s1ky001qmncX94P1TlMBUQ2QQ0-NOHr80LEucZ4atCGUsSvjeBpIV
Requested by: Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021701.js?31060198

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 14:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 23 Feb 2021 14:42:54 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E4B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

35ms
22ms

Image
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.ttt4.com
URL: https://www.ttt4.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Feb 2021 14:42:54 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1FF6 4 KB
740 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0548a34e1f94e73ba30c13a14a5c4351d28230779b06f1b6f6ea3e0e148ed7f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Feb 2021 14:42:15 GMT
server: ESF
date: Tue, 23 Feb 2021 14:42:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Feb 2021 14:42:54 GMT

GET
H3-Q050 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1FF6 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 04:25:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Feb 2021 04:25:41 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1FF6 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 12:41:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Feb 2021 12:41:53 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 8AFC 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.ttt4.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.ttt4.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 23 Feb 2021 13:33:35 GMT
expires: Wed, 23 Feb 2022 13:33:35 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4159
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5A66 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1999ccc970bce581a4752b1c8baa1e7399518e75c0eb71bedd1b440bea7eb45f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 28E5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
21 B

16ms
16ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnuQcnHjwAJt1SVbDsFeDcj51yTSxiodQM9gg3OClhnZ70cnKcy2oSVPOCq; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Feb 2021 14:42:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 23-Feb-2021 15:42:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Feb 2021 14:42:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Feb 2021 14:42:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 1FF6 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Open+Sans:600,regular
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 13:55:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 2868
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 23 Feb 2022 13:55:06 GMT

GET
H3-Q050 200 logo-h.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/ Frame 1FF6 6 KB
8 KB 7ms
7ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/logo-h.png

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab519d134c535a448a8f1c03762449aa057018f1ded2c7da9e75515a3051d681

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6561
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 04:15:16 GMT
server: sffe
date: Thu, 18 Feb 2021 09:24:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 09:24:24 GMT

GET
H3-Q050 200 logo-v.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/ Frame 1FF6 10 KB
10 KB 9ms
8ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/logo-v.png

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50ec91598d9c0a4f76e761f83619c4358d7e614500e41a78a9941659eb87dc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 437896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10374
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 04:15:16 GMT
server: sffe
date: Thu, 18 Feb 2021 13:04:38 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 13:04:38 GMT

GET
DATA 200
OK truncated
/ Frame 1FF6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 sprite.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/ Frame 1FF6 59 KB
59 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/sprite.jpg

Requested by

Host: e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
URL: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

819fe2aeba8373e296a2b65c1847aa764d565ad03fc66838d40fdc6c1f5dca8d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 377146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60501
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 04:15:16 GMT
server: sffe
date: Fri, 19 Feb 2021 05:57:08 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 05:57:08 GMT

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AFC 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 08:19:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 22984
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Wed, 23 Feb 2022 08:19:50 GMT

GET
H3-Q050 200 logo-v.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/ Frame 1FF6 10 KB
10 KB 6ms
5ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/logo-v.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f50ec91598d9c0a4f76e761f83619c4358d7e614500e41a78a9941659eb87dc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 437896
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10374
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 04:15:16 GMT
server: sffe
date: Thu, 18 Feb 2021 13:04:38 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 13:04:38 GMT

GET
H3-Q050 200 logo-h.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/ Frame 1FF6 6 KB
6 KB 7ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/logo-h.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab519d134c535a448a8f1c03762449aa057018f1ded2c7da9e75515a3051d681

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2522908643960029184/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 451110
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6561
x-xss-protection: 0
last-modified: Thu, 17 Sep 2020 04:15:16 GMT
server: sffe
date: Thu, 18 Feb 2021 09:24:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 09:24:24 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
196 B 47ms
46ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021701&jk=191361105636439&bg=!tbaltvXNAAXB_3NtwTsAKQB2-DxaIg3ursqyW5LilninjlcIM0Xq7s9rneieYjdTsuBanVkzwGSMAgAAAE1SAAAAEmgBBwoBubaaU7H3F1NENkamJx4o7HAegJlLweyOCQFWff3J0yE90BZYaI_0cbRT15XjWE_J8fUTiByE8ZzUxjZxhG706wjXf8Iw9inC1hQBvtp-n0kN2CftYBUTlwFt_PTaRr-wxof9ZI3pOrrCVtigixi-R15BS6Htzj3jRPTWFDE0ZFwe5UoVhEKjA1ASeLpj7I87frqFUn5JtT89-DXlEzVdFCddknB9q2wsaexX507WUMh9w-txcBG4TQFmBSxX8Iil6qu_huo00czfjWnlsAHjsqut2PbMhIbErbM38LW5aYd3zexSehblRaOduylx22c_SDGTQ-WJFCTncNDaQlXDtpp33oRsIEEvLQBtVyiFDovHJPJvGR3s32uOla6ulweEOGqj9EgVYAErcamYSI2fmQ1P5Y2a91KD50QMzb0g3KcB1GhxDvKJgkGuWplOcFxwEsfPYHhaTn0CrwUMteUE6Mm8i4lyNStb0tbXU1eyBjV74Oz2RKfUzDVe-MkPTZCJ-MxtO60FV6mJaSqThVo5Ou2KJY4YEBDub6XQYhSECw4ecEoJT2lbDUapTkDS_GHhAJB4Q38mXGRwUpkBxgN5D_4yMBjhTXxp602dHU048VW4AiOB5IbDU1aa1xU93_S97ildoI-YRupGaONQRgo39cGzwSJKrORQPTMhxt7wr3ll47Y5okqp51ve_D2-kJnLDFe2eR2DiFbMq5IJ3t9A6W-3kVFjz4pmFGqeL50iv0n2-urXOL7iM6iP8uj2r5IDvn4-U6txztZOiFBwbrnx0zscMtdHbAa9Rct0VUD4wcOmwKrAldLaZ7Z-iQXsF-WcqVh12u0tfme3GGYWNMIosOAMqD6jZWb1VVrvlhndDQzqMJGl-f8AFAr8BA9ebQ0CtvVKOAkb5wBvPyjeV8TqYr0IP28xvQZiP37tHYBY2LaUjB3LU7mM3oRwKvu_YlrIud2XzYWh_Zwv-j-ZuHfkzdoUqKMPnumu8SlZq-jLypPNqG2ICedBAAFuBaQqKp64t7jtMCmzmNTeXwNKQ7ynsMgcB81zEHWkqkI6zah47VBjFMIMydPe6r-XtCIFI9Ys7ALjPvJV2Ipejmik4RSHWXxxf3_HK-IrsskudZEeFrdSxEf1tj9W2dbDWumikrBzXOBozcTGO9KGuY338yAwH3wfQ51R67pllsLq7mnTTC_Mxq8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:42:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E4B7 42 B
94 B 46ms
46ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvr7N40OPrXxPq6YBmKARd5RRO3-mjw7Jdh_NPE_CjSm0zeTzb-8R1BjXd1Re0mJtsbMr3AAo6SJPJ1gLvrMv_0d3JqgNxsS6H46yRgvrQdVCawTfPaocU03Swjwg&sai=AMfl-YRhKgBvmoC3eMGeIKk5KTn-E0Gsurd_juzKd4vPA1T-yDAZLcid0X8EVj47uDFRZAcuVSuEPYcfvFA44MJoejsaOPaYWWNCScNSSUGZ5Vke5Bh4VCh56T2uluEXZMck&sig=Cg0ArKJSzNPZuWFigzlvEAE&cid=CAASPeRoiuCrU_eBZptrw6kMz-sNp2bU-QvvNAx8ZM6DOstjaMXNEiXQiclmmypY9h5VjJ7wcD-M2B_Eb59Ga-s&id=ampim&o=669,170&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=189&tls=1189&g=100&h=100&tt=1189&r=v&avms=ampa&adk=1248503751

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ttt4.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:42:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A66 42 B
155 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_MF9bquyC6RFO6jY2cCIN_nJfeJdy5LEIGgf05UDxclW_klq5sm41bFoZRqxYWhjdlwZt2rg9ooZXoIPoU3Qhwx9hB_KwhXsDncGZz2ZiLwumciy9u91bU8eVZg&sai=AMfl-YSg61xT9QLi3SuhLs2OI29LhJgPochcKPYeSAtV91gIzq5uqHx07tndmyPyUXzrfj7-MpvClEQxha2x3zlVxoXv5OXp1KQb0EvuyC3hA51SQ9HpIXviRV3lWgurv1bG&sig=Cg0ArKJSzGbxgEKtr2s9EAE&cid=CAASPeRohNuo9Kl_X7yZbQ-cKBWDYlnmsGVUM9xlCEy1hcTjiqgTCCe_3EhMwmb3PJrtKYrwQXxvzaJFfuYqVXU&id=osdim&mcvt=1002&p=478,1429,1078,1589&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=296907753&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614091374124&dlt=23&rpt=249&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:42:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FF6 0
56 B 51ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=302.0000&a1=https&f1=layout_html&s1=0&d1=9.0000&i=465849580247&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F2522908643960029184%2Findex.html&qqi=CMG94feegO8CFQmbewodEzwJhQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Feb 2021 14:43:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ttt4.com/	1970-01-19 16:21:31	Name: _gat_gtag_UA_245504_3 Value: 1
.ttt4.com/	1970-01-19 16:22:57	Name: _gid Value: GA1.2.1942572732.1614091373
.ttt4.com/	1970-01-20 09:52:43	Name: _ga Value: GA1.2.523490765.1614091373
.ttt4.com/	1970-01-19 17:04:43	Name: __cfduid Value: d73d5e73b6f676380d3315bf0206fb8841614091372

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/032101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.ttt4.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.ad4game.com
adservice.google.com
adservice.google.de
cdn.ad4game.com
cdn.ampproject.org
cdn.ttt4.com
connect.facebook.net
e3617ebdde843a35541cfc0b060d855b.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
htlb.casalemedia.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.ttt4.com
142.250.185.162
151.139.242.3
184.31.84.150
192.207.255.147
2606:4700:20::681a:fb3
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
020c2557de3ec69a07664513c219fced0ec626f0b6033f1b26593539658659ba
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0548a34e1f94e73ba30c13a14a5c4351d28230779b06f1b6f6ea3e0e148ed7f9
09d353af2007e6c46308991eeb0281c06fefbffab294c01c17a4dd93165b8ac5
0ad9444e5e5f21ac2684040d22d2471f64ba11ed0a23a526d4737734c90fede7
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189f1ba8660bd1bef48b94f8fb448042e2fc9250a7a9be4c89d2702e56a3d044
18b857c59024092e3c20f5d3b77697c43d15cd5ce3016c333b5f5c253eb10e22
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1999ccc970bce581a4752b1c8baa1e7399518e75c0eb71bedd1b440bea7eb45f
1f5360a322c2ca5a0fa8135c08d649cd7348d27baba73dbb21e4e50fed717d27
22d3085f32cdded06c472cbd302ae77007f446f819f276e3cfdd6de5fe933760
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
29e41f9b1a649e30f8daf4e4add9d35dbae465d21792d1de5df85e31b8c731a4
2fc82ebe208dec1743b56fd6e8b0be2d6c6537b2ae9945ba8e168b83f2498c00
31c1db4cf32818d1898e8d29aef48936020fb06237582219e0e335dd3777931c
3885bebadfd29d3a6912a014ea7a3e2c391c1b42b79cb5d35d9e8820e8286eb8
38bc20d52c61eae2779bd87b131dce86f86957a3e09f02b969a77e94d7acfc32
3931e452fd26e27a9c4a4d2c1bed51031992236132de01f189e40416a4eb34b2
3a4597e814de06ead29e261e695ca5845318c30fcec6d2a65ed67d5e849d8d7b
3ff36a95569320af0b7f1c4b21ee5324cdabb55b85acf629ec7dfd5ba2972f3e
425cb0d82cfdd99bfafcbc0ca9e8a0990b18b1aaf16c596b3906549eadc22ed1
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
47545ca60ccb80161a6d21eaf5a1db28b957e36fff1387f3aa6430cd2ebaa522
49b8e5171e1ecf3fc308900a6225713f0fe36d16a40e683faaad1c85f3c673fb
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4e66761d586d732639b766ef241457f7050126dfde3480a46673416cc9f81a3d
4f03db3ac6470a1a7cb0035afc1aeb25bfab7c593f484532b78472165efccf49
50c29c69ee12a6da4c901b195bf6d1285009bd5ba4db75099d88939b6f77090a
511f7b7d3ec1db80b1c90cb073d3ce0cbedb4dc39a4f36eb52b214331ba19b33
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5557925e7a407e603be7fd2cd862e7c5a294568ef01baac8afce4200413dcec9
5956c56a1babeffee7857dcde43858cc94760eaf73cd9182f79b5479b90255d5
5c99d39b81d55c6657045677a7ea31d1786ab4dbddc1a4ce32acbacd4aed6234
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
616472ecf104659e2788bd543077eb5f2f4294480302cfbd47b9eef27d76750a
61ff312f213ee4e5a553417b0e376863eec8eb9bd62eefb5d6818ae5ba49ccef
631f5242e0cb15b0cf69c4129f1f80c891fd89787af79d31a0090e55047c7f10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dea962ded6b7bb1803e1d10fe3bde8e9b71ad87606e7b4388dfe9d27cea640e
6e79178eecebe5f108edd1c06fe30b4e335f30ffa440b12dd22adea8061b346d
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
729a2ac0024a0373951287e7972036da81501280cbd7f63c45f1ba3db73b9a2a
75d01a8ab462841241db5ffa8cb2d26cb67468b58dc8468ad0f19a5324ee8618
7609dfadb65296fbcca457ff5c6bba851b43943307f2834ccc9f31be4479c224
799315868f339547245dd172f2309a1fd7ae25fddf9ab2761c939be2ecb90772
7c1c9d1d14eddcd48f860bb956c08334a1ed1ac339097be1ecefc14bd62ad790
819fe2aeba8373e296a2b65c1847aa764d565ad03fc66838d40fdc6c1f5dca8d
831eef7718072c7fef9dbcd3774ea36d1ecdf6552bb11b2231293d84663af5ef
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8998e1891d8c0438539d93f6f7cb156bd1add074ec7ae271529041072ead7945
8cd1cc7558309ce0839d31c56f33d5274b8b53e2472ec3deda3be24fcd3fe40c
8e9e374eeedee4a6e820c88ebf463c8df3d41e0713201b0c3a679b8be1e7d479
921dbf87a287f65d88b40b028fadbf3550463739ec03a519d36dc8ae94404d51
97e822379164f4254532c743715222e913192ec4ded1d02063fed6aa56344295
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9a71ff2d6a12cd63eada38c3473972227cababd2cac1abcb4afb672fb8d46342
9e411b3a77e5e6d116d49bf63a03765982bb19402c2dc93bdd44f189060e4562
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b12e6711153a5e2ad45bb982943eedc21d39395da6cc972e8b68987ccbec75
a9810cb1d11dc4a6a4a0c47f43e6fe2edd4763e356eb164b8afa71d0cb5ddafa
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab519d134c535a448a8f1c03762449aa057018f1ded2c7da9e75515a3051d681
affc78313af74cb556ddb4bda187a4b095f0b7cf720e0111bd8a2e98d564fd19
b1950b2f67ef6cdff5a1a0ad4809f525b651d660551a8d891c1f2cce42db7e8c
b3059d648f494d75adc15c080ca1e39c0583d0b47606a7accad6b81841b6b81e
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
cee154c1bde4d6403fbca4cccb80899e57fa2fbfd2a0edd4476542137b81eb2e
d0f59622e2b26255471d645d7d7f8d43af7ba7afcd7933e873bf6dd091b667e8
d114ff11fcd2086e63bbf66b6503efa195594156372fd392ca6cd4ff145f9f84
d4bcc0724f6e712c79852ea183bf3d4da5a6301703ab33730c6a998320422b73
d794a7e3a152f335f88b572a5ff5dbf6b7560b7ba223c4ffe050ce8d58de4354
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc9f7cdaabb3201fd2ead8c0cfd974710305362d0ea77c96069cb189796d6238
de35c207e00e170b91eba5c6ec42ea0c55ce4f906ef058521d9d8bf296048087
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e06f5493e5454ca306517848c88ec1c70e5fec96628853b0a386120c7cb2c670
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8bac59fdfccebb6510422d5598de565aefe6bd1cdf2bc05f3e704e61e2cf9fc
ed37b417602c624034bbc47eeabf39101595b6b7f7b6d043b12d76ca96e5e93e
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
f3f3b91f7f5267d65968963346a50a9850b776fdb04133f8102a07c1242ec5ef
f4ac975bcdda6b6c93ac0a5ca0993776f4e585f937e63a0bb9575c69124efc25
f50ec91598d9c0a4f76e761f83619c4358d7e614500e41a78a9941659eb87dc5
f6d3c97e756484a4e9f83da4a830df89ee8d0b1f517cbde1773e410985d521e6
fc061da13dcea60089bfd2a9ed45106fb54a1817a8562e6270343366e0327699

www.ttt4.com Open in urlscan Pro 2606:4700:20::681a:fb3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

103 Requests

100 %HTTPS

80 %IPv6

15 Domains

21 Subdomains

20 IPs

2 Countries

1408 kBTransfer

2997 kBSize

4 Cookies

1 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ttt4.com Open in urlscan Pro
2606:4700:20::681a:fb3 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

100 %
HTTPS

80 %
IPv6

15
Domains

21
Subdomains

20
IPs

2
Countries

1408 kB
Transfer

2997 kB
Size

4
Cookies

103 HTTP transactions
4 data transactions