google.mrered.workers.dev Open in urlscan Pro
2606:4700:3032::ac43:d27c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://google.mrered.workers.dev/
Submission: On August 19 via api (August 19th 2023, 1:39:42 am UTC) from US — Scanned from US

Summary HTTP 26 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 3 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3032::ac43:d27c, located in United States and belongs to CLOUDFLARENET, US. The main domain is google.mrered.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on July 29th 2023. Valid for: 3 months.

This is the only time google.mrered.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3032::ac43:d27c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:1059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
26	5

19 2606:4700:3032::ac43:d27c (United States)

ASN13335 (CLOUDFLARENET, US)

google.mrered.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:1059 (United States)

ASN13335 (CLOUDFLARENET, US)

ogs.google.mrered.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.mrered.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (Stony Point, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	workers.dev google.mrered.workers.dev ogs.google.mrered.workers.dev adservice.google.mrered.workers.dev	995 KB
2	gstatic.com www.gstatic.com	74 KB
1	google.com apis.google.com — Cisco Umbrella Rank: 164 play.google.com Failed	41 KB
26	3

	Domain	Requested by
19	google.mrered.workers.dev	google.mrered.workers.dev
2	www.gstatic.com	google.mrered.workers.dev
1	adservice.google.mrered.workers.dev
1	apis.google.com	www.gstatic.com
1	ogs.google.mrered.workers.dev	www.gstatic.com
0	play.google.com Failed	www.gstatic.com
26	6

This site contains links to these domains. Also see Links.

Domain
about.google
store.google.mrered.workers.dev
mail.google.mrered.workers.dev
www.google.mrered.workers.dev
accounts.google.mrered.workers.dev
sustainability.google
policies.google.mrered.workers.dev
support.google.mrered.workers.dev

Subject Issuer	Validity	Valid
mrered.workers.dev GTS CA 1P5	`2023-07-29` - `2023-10-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://google.mrered.workers.dev/
Frame ID: 742A6E288DB738EF9E040529AF8A2C61
Requests: 26 HTTP requests in this frame

Frame: https://ogs.google.mrered.workers.dev/widget/callout?prid=19037050&pgid=19037049&puid=f564582f878719e3&cce=1&dc=1&origin=https%3A%2F%2Fgoogle.mrered.workers.dev&cn=callout&pid=1&spid=538&hl=en
Frame ID: BFB864D29F0A5FF0D00006D1DEFA018D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google

Page Statistics

26
Requests

92 %
HTTPS

100 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

1110 kB
Transfer

2535 kB
Size

1
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://about.google/?fg=1&utm_source=google-US&utm_medium=referral&utm_campaign=hp-header
Title: About

Search URL Search Domain Scan URL

URL: https://store.google.mrered.workers.dev/US?utm_source=hp_header&utm_medium=google_ooo&utm_campaign=GS100042&hl=en-US
Title: Store

Search URL Search Domain Scan URL

URL: https://mail.google.mrered.workers.dev/mail/&ogbl
Title: Gmail

Search URL Search Domain Scan URL

URL: https://www.google.mrered.workers.dev/imghp?hl=en&ogbl
Title: Images

Search URL Search Domain Scan URL

URL: https://www.google.mrered.workers.dev/intl/en/about/products

Search URL Search Domain Scan URL

URL: https://accounts.google.mrered.workers.dev/ServiceLogin?hl=en&passive=true&continue=https://www.google.mrered.workers.dev/&ec=GAZAmgQ
Title: Sign in

Search URL Search Domain Scan URL

URL: https://www.google.mrered.workers.dev/intl/en_us/ads/?subid=ww-ww-et-g-awa-a-g_hpafoot1_1!o2&utm_source=google.mrered.workers.dev&utm_medium=referral&utm_campaign=google_hpafooter&fg=1
Title: Advertising

Search URL Search Domain Scan URL

URL: https://www.google.mrered.workers.dev/services/?subid=ww-ww-et-g-awa-a-g_hpbfoot1_1!o2&utm_source=google.mrered.workers.dev&utm_medium=referral&utm_campaign=google_hpbfooter&fg=1
Title: Business

Search URL Search Domain Scan URL

URL: https://sustainability.google/?utm_source=googlehpfooter&utm_medium=housepromos&utm_campaign=bottom-footer&utm_content=
Title: Our third decade of climate action: join us

Search URL Search Domain Scan URL

URL: https://policies.google.mrered.workers.dev/privacy?hl=en&fg=1
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.mrered.workers.dev/terms?hl=en&fg=1
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.google.mrered.workers.dev/preferences?hl=en&fg=1
Title: Search settings

Search URL Search Domain Scan URL

URL: https://support.google.mrered.workers.dev/websearch/?p=ws_results_help&hl=en&fg=1
Title: Search help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
google.mrered.workers.dev/ 174 KB
56 KB 789ms
665ms Document
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d946d3c10872a396da0f05671b00df1c6cdb24a453dba07a20ad5bf11da51030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f8eaf0668314bd2-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sat, 19 Aug 2023 01:39:36 GMT
expires: -1
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl Show response
google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAA... 952 KB
333 KB 200ms
199ms Script
text/javascript 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAAAAAAAAARQgmBwQQKgIAACAAAAAAAAAAAApJLJi4EE/d=1/ed=1/dg=2/br=1/rs=ACT90oGkGr_SHEisCcOxbSh7v72A4z58gA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe,MdUzUe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;YV5bee:IvPZ6d;kbAm9d:MkHyGd;ZWEUA:afR4Cf;g8nkx:U4MzKc;lzgfYb:PI40bd;ESrPQc:mNTJvc;qavrXe:zQzcXe,mYbt1d;w9w86d:dt4g2b;GleZL:J1A7Od;bcPXSc:gSZLJb;JXS8fb:Qj0suc;IoGlCf:b5lhvb;vfVwPd:OXTqFb;VGRfx:VFqbr;BjwMce:cXX2Wb;pNsl2d:j9Yuyc;R9Ulx:CR7Ufe;kY7VAf:d91TEb;KpRAue:Tia57b;jY0zg:Q6tNgc;l8Azde:j4Ca9b;oSUNyd:fTfGO,fTfGO,vjQg0b;SMDL4c:fTfGO,vjQg0b;aZ61od:arTwJ;ZrFutb:W4Cdfc;K8vqCc:MyIcle;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;rQSrae:C6D5Fc;kCQyJ:ueyPK;KQzWid:mB4wNe;EABSZ:MXZt9d;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;Nyt6ic:jn2sGd;w3bZCb:ZPGaIb;G0KhTb:LIaoZ;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;yGxLoc:FmAr0c;oUlnpc:RagDlc;R2kc8b:ALJqWb;pj82le:mg5CW;dLlj2:Qqt3Gf;qGV2uc:HHi04c;gtVSi:ekUOYd;UyG7Kb:wQd0G;LsNahb:ucGLNb;xbe2wc:uRMPBc;Q1Ow7b:x5CSu;okUaUd:wItadb;G6wU6e:hezEbd;uknmt:GkPrzb;PqHfGe:im2cZe;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;zxnPse:GkRiKb;xqZiqf:wmnU7d;lkq0A:Z0MWEf;daB6be:lMxGPd;U96pRd:FsR04;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

Requested by

Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

298f10679e3efeb67a92eb0c63ad570aee58b31584425e502438b66da07dfdb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 20:46:21 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7f8eaf0ac8714bd2-BUF
expires: Sun, 18 Aug 2024 01:39:36 GMT

GET
H2 404 googlelogo_color_272x92dp.png
google.mrered.workers.dev/images/branding/googlelogo/1x/ 2 KB
2 KB 843ms
843ms Image
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google.mrered.workers.dev/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by: Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f70981750d3736ef3a67201aafe5b45319965883eacec0ef447c35e76cc3488c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:37 GMT
content-encoding: br
referrer-policy: no-referrer
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qk44gDhqNG%2FlzYhQx%2FJSE1OPa%2BeR9SDunWXJaGbKahyMsUaI2Qr4JS0gbeFvsnQeNW6LyNGTe%2FWlhAXZfaz0IC9aAJheiRnE06Sb5FU62Hk0phgyXluNyXmzLhCBoWNT9sEww3U43SyqGSQiMP9eUcL4MhNaPtOF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f8eaf0ac8724bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rs=AA2YrTsgd_ypzHoy2JPJv2iswMZ51SEckw Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.qYFIEIkCIVI.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ 204 KB
73 KB 87ms
25ms Script
text/javascript 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.qYFIEIkCIVI.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTsgd_ypzHoy2JPJv2iswMZ51SEckw

Requested by

Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14055293577be66d5e8ff6a99b01e46b5a4fafb3880cdd24aa740387eae2bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 12:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74628
x-xss-protection: 0
last-modified: Sat, 12 Aug 2023 01:52:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 12:03:32 GMT

GET
H2 200 rs=AA2YrTuGs_dsg3deeYWmrd2SeOOCbFjXog
www.gstatic.com/og/_/ss/k=og.qtm.lyzWpsGgyY4.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ 2 KB
1 KB 85ms
24ms Stylesheet
text/css 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.lyzWpsGgyY4.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTuGs_dsg3deeYWmrd2SeOOCbFjXog

Requested by

Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05fb5ceebe5ec03405975bd5f8b894a857b1e9bd32c7394487ff529fb902f69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 639
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 01:50:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 08:00:54 GMT

GET
H2 404 desktop_searchbox_sprites318_hr.webp
google.mrered.workers.dev/images/searchbox/ 2 KB
2 KB 848ms
848ms Image
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google.mrered.workers.dev/images/searchbox/desktop_searchbox_sprites318_hr.webp
Requested by: Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0775b611f80abb2d0432ece48ffae93ba1d6ec8679e6072a628779bccc4e8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:37 GMT
content-encoding: br
referrer-policy: no-referrer
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odFQap28sh07bG657gVxHtaigvWS9VxchChkhRQfwF%2FgFMw23g6TqJkPooQiIJN133Lf%2Bj5clHRejhBd7A0JaC9p98DsuJ1037E%2BhLtkS0eKyjKKOMNrnzq09lLUtBxzInABXU%2B%2FyMu8IRkydO2jGYqgt5twKEkg"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f8eaf0b087b4bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 404 callout
ogs.google.mrered.workers.dev/widget/ Frame BFB8 0
0 124ms
34ms Document
text/html 2606:4700:3036::6815:1059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ogs.google.mrered.workers.dev/widget/callout?prid=19037050&pgid=19037049&puid=f564582f878719e3&cce=1&dc=1&origin=https%3A%2F%2Fgoogle.mrered.workers.dev&cn=callout&pid=1&spid=538&hl=en

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.qYFIEIkCIVI.2019.O/rt=j/m=qabr,q_d,qcwid,qapid,qald,q_dg/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTsgd_ypzHoy2JPJv2iswMZ51SEckw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://google.mrered.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f8eaf0cb92b4bc7-BUF
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 01:39:37 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYFY%2FcKpjxVM0lrre51qS72O0aMfloL5dzSmrFKXlTHSzOD2Z%2BRmTo9mf7uNis%2F5ZKzBgDyK0KHVnzaiviVYgfBMsV3iQuoFtoe6ftsbsbhXepH5VwtNCcG4kYuxQ%2B3x6OeHFgSJHkxLR%2FNgprPWfDQSEUDap2%2BNYNgugQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/ 118 KB
41 KB 88ms
26ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.hh2Jqle7bK0.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-jeiq7uVLkyqJvSohFtUkaGjEuyg/cb=gapi.loaded_0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d973cc0f5e02b5e5b73d9f1e3474b79843febb64fed861b5b51508b1938f87bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40948
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 15:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Aug 2024 23:15:09 GMT

GET
H3 200 search Show response
google.mrered.workers.dev/complete/ 12 KB
9 KB 865ms
865ms XHR
application/json 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/complete/search?q&cp=0&client=gws-wiz&xssi=t&gs_pcrt=2&hl=en&authuser=0&psi=WB3gZMTuH8-aptQPuJKXgA0.1692409177181&dpr=1&nolsbt=1

Requested by

Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAAAAAAAAARQgmBwQQKgIAACAAAAAAAAAAAApJLJi4EE/d=1/ed=1/dg=2/br=1/rs=ACT90oGkGr_SHEisCcOxbSh7v72A4z58gA/ee=cEt90b:ws9Tlc;qddgKe:x4FYXe,d7YSfd;yxTchf:KUM7Z;dtl0hd:lLQWFe;eHDfl:ofjVkb;qaS3gd:yiLg6e;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;iFQyKf:vfuNJf,QIhFr;SNUn3:ZwDk9d,x8cHvb;io8t5d:sgY6Zb;Oj465e:KG2eXe,KG2eXe;Erl4fe:FloWmf,FloWmf;JsbNhc:Xd8iUd;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;uY49fb:COQbmf;Pjplud:PoEs9b,EEDORb;QGR0gd:Mlhmy;a56pNe:JEfCwb;Me32dd:MEeYgc;wR5FRb:TtcOte,O1Gjze;pXdRYb:JKoKVe,MdUzUe;dIoSBb:ZgGg9b;EmZ2Bf:zr1jrb;NSEoX:lazG7b;eBAeSb:Ck63tb;WCEKNd:I46Hvd;wV5Pjc:L8KGxe;EVNhjf:pw70Gc;sTsDMc:kHVSUb;wQlYve:aLUfP;zOsCQe:Ko78Df;KcokUb:KiuZBf;YV5bee:IvPZ6d;kbAm9d:MkHyGd;ZWEUA:afR4Cf;g8nkx:U4MzKc;lzgfYb:PI40bd;ESrPQc:mNTJvc;qavrXe:zQzcXe,mYbt1d;w9w86d:dt4g2b;GleZL:J1A7Od;bcPXSc:gSZLJb;JXS8fb:Qj0suc;IoGlCf:b5lhvb;vfVwPd:OXTqFb;VGRfx:VFqbr;BjwMce:cXX2Wb;pNsl2d:j9Yuyc;R9Ulx:CR7Ufe;kY7VAf:d91TEb;KpRAue:Tia57b;jY0zg:Q6tNgc;l8Azde:j4Ca9b;oSUNyd:fTfGO,fTfGO,vjQg0b;SMDL4c:fTfGO,vjQg0b;aZ61od:arTwJ;ZrFutb:W4Cdfc;K8vqCc:MyIcle;NPKaK:SdcwHb;LBgRLc:XVMNvd,SdcwHb;rQSrae:C6D5Fc;kCQyJ:ueyPK;KQzWid:mB4wNe;EABSZ:MXZt9d;TxfV6d:YORN0b;UDrY1c:eps46d;F9mqte:UoRcbe;Nyt6ic:jn2sGd;w3bZCb:ZPGaIb;G0KhTb:LIaoZ;aAJE9c:WHW6Ef;V2HTTe:RolTY;Wfmdue:g3MJlb;imqimf:jKGL2e;BgS6mb:fidj5d;UVmjEd:EesRsb;z97YGf:oug9te;AfeaP:TkrAjf;eBZ5Nd:audvde;CxXAWb:YyRLvc;VN6jIc:ddQyuf;SLtqO:Kh1xYe;tosKvd:ZCqP3;VOcgDe:YquhTb;uuQkY:u2V3ud;WDGyFe:jcVOxd;trZL0b:qY8PFe;VxQ32b:k0XsBb;DULqB:RKfG5c;Np8Qkd:Dpx6qc;cFTWae:gT8qnd;gaub4:TN6bMe;xBbsrc:NEW1Qc;DpcR3d:zL72xf;hjRo6e:F62sG;yGxLoc:FmAr0c;oUlnpc:RagDlc;R2kc8b:ALJqWb;pj82le:mg5CW;dLlj2:Qqt3Gf;qGV2uc:HHi04c;gtVSi:ekUOYd;UyG7Kb:wQd0G;LsNahb:ucGLNb;xbe2wc:uRMPBc;Q1Ow7b:x5CSu;okUaUd:wItadb;G6wU6e:hezEbd;uknmt:GkPrzb;PqHfGe:im2cZe;Fmv9Nc:O1Tzwc;hK67qb:QWEO5b;BMxAGc:E5bFse;R4IIIb:QWfeKf;whEZac:F4AmNb;tH4IIe:Ymry6;zxnPse:GkRiKb;xqZiqf:wmnU7d;lkq0A:Z0MWEf;daB6be:lMxGPd;U96pRd:FsR04;LEikZe:byfTOb,lsjVmc/m=cdos,hsm,jsa,mb4ZUb,d,csi,cEt90b,SNUn3,qddgKe,sTsDMc,dtl0hd,eHDfl

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3504209930c0fe3e1dd2d972fe3e84d3c022d8be7819602fb910f9a134e24dfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
vary: Accept-Encoding
cf-ray: 7f8eaf0d789c4bd2-BUF
expires: Sat, 19 Aug 2023 01:39:37 GMT

GET
H3 200 m=DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ifl,loL8vb,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch Show response
google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/ck=xjs.s.1cSoGalsFF0.L.W.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaE... 882 KB
487 KB 919ms
919ms Script
text/javascript 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/ck=xjs.s.1cSoGalsFF0.L.W.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAAAAAAAAARQgmBwQQKgIAACAAAAAAAAAAAApJLJi4EE/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/rs=ACT90oG1wIodvI9W7lec0sgpKdOyLLZJJA/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;K8vqCc:MyIcle;KQzWid:mB4wNe;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,vjQg0b;SNUn3:ZwDk9d,x8cHvb;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;ZrFutb:W4Cdfc;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;hK67qb:QWEO5b;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kY7VAf:d91TEb;kbAm9d:MkHyGd;l8Azde:j4Ca9b;lkq0A:Z0MWEf;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,vjQg0b;oUlnpc:RagDlc;okUaUd:wItadb;pNsl2d:j9Yuyc;pXdRYb:JKoKVe,MdUzUe;pj82le:mg5CW;qGV2uc:HHi04c;qaS3gd:yiLg6e;qavrXe:mYbt1d,zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vfVwPd:OXTqFb;w3bZCb:ZPGaIb;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;xbe2wc:uRMPBc;xqZiqf:wmnU7d;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zxnPse:GkRiKb/m=DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ifl,loL8vb,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

203b11726bb762e5959ba0532ab241249a6a7273e71b1dd9decd5c0f8bb67de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 20:31:27 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7f8eaf0d889d4bd2-BUF
expires: Sun, 18 Aug 2024 01:39:37 GMT

GET
H3 200 rs=ACT90oGkGr_SHEisCcOxbSh7v72A4z58gA Show response
google.mrered.workers.dev/xjs/_/js/md=1/k=xjs.s.en_US.tFWlRA1T2lU.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQ... 163 KB
87 KB 951ms
951ms XHR
text/javascript 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/xjs/_/js/md=1/k=xjs.s.en_US.tFWlRA1T2lU.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAAAAAAAAARQgmBwQQKgIAACAAAAAAAAAAAApJLJi4EE/rs=ACT90oGkGr_SHEisCcOxbSh7v72A4z58gA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6029759218d7492615cce0356b0ea112906d99d95622826bc18fcd2456136e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 20:46:21 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7f8eaf0d889e4bd2-BUF
expires: Sun, 18 Aug 2024 01:39:37 GMT

GET
H3 204 client_204
google.mrered.workers.dev/ 0
1 KB 894ms
893ms Image
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google.mrered.workers.dev/client_204?atyp=i&biw=1600&bih=1200&ei=WB3gZMTuH8-aptQPuJKXgA0&opi=89978449

Requested by

Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:38 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf0d889f4bd2-BUF

POST
H3 204 gen_204
google.mrered.workers.dev/ 0
1015 B 1544ms
1543ms Ping
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/gen_204?s=webhp&t=aft&atyp=csi&ei=WB3gZMTuH8-aptQPuJKXgA0&rt=wsrt.790,aft.874,afti.874,prt.74&wh=1200&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=1200&opi=89978449&bl=yZuX

Requested by

Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://google.mrered.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 19 Aug 2023 01:39:39 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1008b54bd2-BUF

POST log
play.google.com/ 0
0

GET
H3 200 m=sy1y,syhy,syqu,WlNQGd,sy1k6,nabPbb,syqv,CnSW2d,kQvlef,syhz,fXO0xe,syfi,sym2,sym3,sym4,sym5,DPreE Show response
google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/ck=xjs.s.1cSoGalsFF0.L.W.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaE... 21 KB
8 KB 366ms
365ms Script
text/javascript 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

402cfdf34f480faea58da8c0d57afa8140ad9c1f9624e020060ff71219fc42fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 20:31:27 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7f8eaf1a59404bd2-BUF
expires: Sun, 18 Aug 2024 01:39:39 GMT

POST
H3 204 gen_204
google.mrered.workers.dev/ 0
1016 B 309ms
309ms Ping
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/gen_204?atyp=i&ei=WB3gZMTuH8-aptQPuJKXgA0&dt19=2&zx=1692409179250&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:39 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1a69414bd2-BUF

GET
H3 204 client_204 Show response
google.mrered.workers.dev/ 0
1 KB 1071ms
1071ms XHR
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/client_204?cs=1&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:40 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1a69424bd2-BUF

POST
H3 204 gen_204
google.mrered.workers.dev/ 0
1015 B 926ms
926ms Ping
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/gen_204?atyp=csi&ei=WB3gZMTuH8-aptQPuJKXgA0&s=promo&rt=hpbas.2540&zx=1692409179258&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:40 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1a79434bd2-BUF

GET
H3 404 hpba Show response
google.mrered.workers.dev/async/ 2 KB
1 KB 848ms
847ms XHR
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://google.mrered.workers.dev/async/hpba?vet=10ahUKEwjE-p--y-eAAxVPjYkEHTjJBdAQj-0KCBo..i&ei=WB3gZMTuH8-aptQPuJKXgA0&opi=89978449&yv=3&cs=0&async=_ck:xjs.s.1cSoGalsFF0.L.W.O,_k:xjs.s.en_US.tFWlRA1T2lU.O,_fmt:prog,_id:a3JU5b
Requested by: Host: google.mrered.workers.dev
URL: https://google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/ck=xjs.s.1cSoGalsFF0.L.W.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAAAAAAAAARQgmBwQQKgIAACAAAAAAAAAAAApJLJi4EE/d=1/exm=SNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed=1/dg=2/br=1/rs=ACT90oG1wIodvI9W7lec0sgpKdOyLLZJJA/ee=AfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;K8vqCc:MyIcle;KQzWid:mB4wNe;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,vjQg0b;SNUn3:ZwDk9d,x8cHvb;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;ZrFutb:W4Cdfc;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;hK67qb:QWEO5b;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kY7VAf:d91TEb;kbAm9d:MkHyGd;l8Azde:j4Ca9b;lkq0A:Z0MWEf;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,vjQg0b;oUlnpc:RagDlc;okUaUd:wItadb;pNsl2d:j9Yuyc;pXdRYb:JKoKVe,MdUzUe;pj82le:mg5CW;qGV2uc:HHi04c;qaS3gd:yiLg6e;qavrXe:mYbt1d,zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vfVwPd:OXTqFb;w3bZCb:ZPGaIb;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;xbe2wc:uRMPBc;xqZiqf:wmnU7d;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zxnPse:GkRiKb/m=DhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ifl,loL8vb,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch?xjs=s1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ba9cee8294414201af61596c13bbd2454aa12f5003a74c20a401d28fede79f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:40 GMT
content-encoding: br
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcWvG9PVPznBDNuR2A3oE4h7LLWRO%2BMJ4v1I8BwtQeuKdtAu6GebxnEcbJg1N%2B8Lh2Ro35pWKSV0GG4%2BdXoW5D70GUQvZLqHONu6Hgx9aoOVPAspmQYOjy9CtDtuAu3FzjGnLhlkjKdqolKj1BiHhJ%2FIJnU2Sonk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f8eaf1a79464bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H3 200 m=sy7i,sy7j,aLUfP Show response
google.mrered.workers.dev/xjs/_/js/k=xjs.s.en_US.tFWlRA1T2lU.O/ck=xjs.s.1cSoGalsFF0.L.W.O/am=CAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaE... 2 KB
1 KB 312ms
311ms Script
text/javascript 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a232f7b5eacbc807ce6b9f7962f57eab2364ea0c3ad0479036a247301705ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 20:31:27 GMT
server: cloudflare
cross-origin-opener-policy: same-origin; report-to="gws-team"
vary: Accept-Encoding, Origin
report-to: {"group":"gws-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws-team"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7f8eaf1cd9654bd2-BUF
expires: Sun, 18 Aug 2024 01:39:39 GMT

POST log
play.google.com/ 0
0

POST
H3 204 gen_204
google.mrered.workers.dev/ 0
1015 B 361ms
361ms Ping
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/gen_204?atyp=csi&ei=WB3gZMTuH8-aptQPuJKXgA0&s=webhp&t=all&bl=yZuX&wh=1200&imn=5&ima=1&imad=0&imac=1&imf=0&aft=1&aftp=1200&adh=&cls=0.0008906945800781249&ime=2&imex=2&imeh=3&imea=0&imeb=0&imel=0&scp=0&mem=ujhs.11,tjhs.15,jhsl.3760,dm.8&nv=ne.1,feid.bc75eb13-6fef-42c7-900b-7ffdf10fd991&net=dl.10000,ect.4g,rtt.0&sys=hc.4&rt=aft.874,prt.74,xjses.376,xjsee.430,xjs.430,dcl.431,afti.874,aftqf.875,ol.3245,lcp.103,fcp.103,wsrt.790,cst.68,dnst.55,rqst.668,rspt.3,sslt.40,rqstt.125,unt.1,cstt.57,dit.885&zx=1692409179964&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:40 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1ed9704bd2-BUF

GET
H2 404 ui
adservice.google.mrered.workers.dev/adsid/google/ 0
0 78ms
35ms Image
text/html 2606:4700:3036::6815:1059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adservice.google.mrered.workers.dev/adsid/google/ui
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1059 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 gen_204
google.mrered.workers.dev/ 0
1 KB 443ms
442ms Image
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://google.mrered.workers.dev/gen_204?atyp=i&ct=psnt&cad=&nt=navigate&ei=WB3gZMTuH8-aptQPuJKXgA0&zx=1692409179966&opi=89978449

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:40 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1ed9714bd2-BUF

POST
H3 204 gen_204
google.mrered.workers.dev/ 0
1016 B 152ms
151ms Ping
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/gen_204?atyp=csi&ei=WB3gZMTuH8-aptQPuJKXgA0&s=async&astyp=hpba&rt=ttfb.857,ft.857&zx=1692409180116&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google.mrered.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:39:40 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1fc9784bd2-BUF

POST
H3 204 gen_204
google.mrered.workers.dev/ 0
1016 B 909ms
909ms Ping
text/html 2606:4700:3032::ac43:d27c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://google.mrered.workers.dev/gen_204?atyp=i&ei=WB3gZMTuH8-aptQPuJKXgA0&bver=1851&srcpg=webhp&jsr=1&error=HTTP%20error&script=https://google.mrered.workers.dev/&line=Not%20available&ons=0&jsel=3&ectx={%22ur%22:%22np%22,%22s%22:404,%22rurl%22:%22https://google.mrered.workers.dev/async/hpba?vet%3D10ahUKEwjE-p--y-eAAxVPjYkEHTjJBdAQj-0KCBo..i%26ei%3DWB3gZMTuH8-aptQPuJKXgA0%26opi%3D89978449%26yv%3D3%26cs%3D0%26async%3D_ck:xjs.s.1cSoGalsFF0.L.W.O,_k:xjs.s.en_US.tFWlRA1T2lU.O,_fmt:prog,_id:a3JU5b%22,%22t%22:%22hpba%22}&tum={%22https://google.mrered.workers.dev/xjs/_/js/k%3Dxjs.s.en_US.tFWlRA1T2lU.O/ck%3Dxjs.s.1cSoGalsFF0.L.W.O/am%3DCAAAAAAAAAAgAACin3AIwAYwQAAACAAAgCAAAgAAAADAIAIAAwDBo0zSAAgIEEJgAcTgGgCUUAIAAAAAQNgPEQAAAADgAAgAAKAQgAaEgAIQAAAAAHkAAh4AYDBhAQAAAAAAAAAAAARQgmBwQQKgIAACAAAAAAAAAAAApJLJi4EE/d%3D1/exm%3DSNUn3,cEt90b,cdos,csi,d,dtl0hd,eHDfl,hsm,jsa,mb4ZUb,qddgKe,sTsDMc/ed%3D1/dg%3D2/br%3D1/rs%3DACT90oG1wIodvI9W7lec0sgpKdOyLLZJJA/ee%3DAfeaP:TkrAjf;BMxAGc:E5bFse;BgS6mb:fidj5d;BjwMce:cXX2Wb;CxXAWb:YyRLvc;DULqB:RKfG5c;DpcR3d:zL72xf;EABSZ:MXZt9d;ESrPQc:mNTJvc;EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;F9mqte:UoRcbe;Fmv9Nc:O1Tzwc;G0KhTb:LIaoZ;G6wU6e:hezEbd;GleZL:J1A7Od;IoGlCf:b5lhvb;JXS8fb:Qj0suc;JsbNhc:Xd8iUd;K8vqCc:MyIcle;KQzWid:mB4wNe;KcokUb:KiuZBf;KpRAue:Tia57b;LBgRLc:SdcwHb,XVMNvd;LEikZe:byfTOb,lsjVmc;LsNahb:ucGLNb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Np8Qkd:Dpx6qc;Nyt6ic:jn2sGd;Oj465e:KG2eXe;Pjplud:EEDORb,PoEs9b;PqHfGe:im2cZe;Q1Ow7b:x5CSu;QGR0gd:Mlhmy;R2kc8b:ALJqWb;R4IIIb:QWfeKf;R9Ulx:CR7Ufe;SLtqO:Kh1xYe;SMDL4c:fTfGO,vjQg0b;SNUn3:ZwDk9d,x8cHvb;TxfV6d:YORN0b;U96pRd:FsR04;UDrY1c:eps46d;UVmjEd:EesRsb;UyG7Kb:wQd0G;V2HTTe:RolTY;VGRfx:VFqbr;VN6jIc:ddQyuf;VOcgDe:YquhTb;VxQ32b:k0XsBb;WCEKNd:I46Hvd;WDGyFe:jcVOxd;Wfmdue:g3MJlb;YV5bee:IvPZ6d;ZWEUA:afR4Cf;ZrFutb:W4Cdfc;a56pNe:JEfCwb;aAJE9c:WHW6Ef;aZ61od:arTwJ;bcPXSc:gSZLJb;cEt90b:ws9Tlc;cFTWae:gT8qnd;dIoSBb:ZgGg9b;dLlj2:Qqt3Gf;daB6be:lMxGPd;dtl0hd:lLQWFe;eBAeSb:Ck63tb;eBZ5Nd:audvde;eHDfl:ofjVkb;g8nkx:U4MzKc;gaub4:TN6bMe;gtVSi:ekUOYd;hK67qb:QWEO5b;hjRo6e:F62sG;iFQyKf:QIhFr,vfuNJf;imqimf:jKGL2e;io8t5d:sgY6Zb;jY0zg:Q6tNgc;kCQyJ:ueyPK;kMFpHd:OTA3Ae;kY7VAf:d91TEb;kbAm9d:MkHyGd;l8Azde:j4Ca9b;lkq0A:Z0MWEf;lzgfYb:PI40bd;nAFL3:NTMZac,s39S4;oGtAuc:sOXFj;oSUNyd:fTfGO,vjQg0b;oUlnpc:RagDlc;okUaUd:wItadb;pNsl2d:j9Yuyc;pXdRYb:JKoKVe,MdUzUe;pj82le:mg5CW;qGV2uc:HHi04c;qaS3gd:yiLg6e;qavrXe:mYbt1d,zQzcXe;qddgKe:d7YSfd,x4FYXe;rQSrae:C6D5Fc;sP4Vbe:VwDzFe;sTsDMc:kHVSUb;tH4IIe:Ymry6;tosKvd:ZCqP3;trZL0b:qY8PFe;uY49fb:COQbmf;uknmt:GkPrzb;uuQkY:u2V3ud;vfVwPd:OXTqFb;w3bZCb:ZPGaIb;w9w86d:dt4g2b;wQlYve:aLUfP;wR5FRb:O1Gjze,TtcOte;wV5Pjc:L8KGxe;whEZac:F4AmNb;xBbsrc:NEW1Qc;xbe2wc:uRMPBc;xqZiqf:wmnU7d;yGxLoc:FmAr0c;yxTchf:KUM7Z;z97YGf:oug9te;zOsCQe:Ko78Df;zxnPse:GkRiKb/m%3DDhPYme,EkevXb,GU4Gab,MpJwZc,NzU6V,UUJqVe,aa,abd,async,epYOx,ifl,loL8vb,ms4mZb,mu,pHXghd,q0xTif,s39S4,sOXFj,sb_wiz,sf,sonic,spch%22:%22{{0}}%22}&trace=Error:%20HTTP%20error%0A%20%20%20%20at%20new%20cid%20({{0}}:357:82)%0A%20%20%20%20at%20t.onreadystatechange%20({{0}}:351:154)&zx=1692409180119&opi=89978449

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:d27c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://google.mrered.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 19 Aug 2023 01:39:41 GMT
cf-cache-status: DYNAMIC
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
server: cloudflare
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
access-control-allow-credentials: true
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
permissions-policy: unload=()
cf-ray: 7f8eaf1fd9794bd2-BUF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 18:30:20	Name: NID Value: 511=T5N-8YqqffY_OSveTEfXEdcR9jlbOPYwYb24fa7YD5Tw4rqMK_zBaug7DamuXwFvvCfDhkmnVvz6UVQNx116cXBuaHW-H_dB13xy1x0GF-DsiNytSKCnJZxq-RFbAxY1xGj9A47RSy3w6D2XCEk879LutpMva2YFYPIoLTX8Ur4

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://ogs.google.mrered.workers.dev/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network	error	URL: https://google.mrered.workers.dev/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://google.mrered.workers.dev/images/searchbox/desktop_searchbox_sprites318_hr.webp Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://google.mrered.workers.dev/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://google.mrered.workers.dev' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://google.mrered.workers.dev/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'https://google.mrered.workers.dev' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://adservice.google.mrered.workers.dev/adsid/google/ui Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://google.mrered.workers.dev/async/hpba?vet=10ahUKEwjE-p--y-eAAxVPjYkEHTjJBdAQj-0KCBo..i&ei=WB3gZMTuH8-aptQPuJKXgA0&opi=89978449&yv=3&cs=0&async=_ck:xjs.s.1cSoGalsFF0.L.W.O,_k:xjs.s.en_US.tFWlRA1T2lU.O,_fmt:prog,_id:a3JU5b Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.mrered.workers.dev
apis.google.com
google.mrered.workers.dev
ogs.google.mrered.workers.dev
play.google.com
www.gstatic.com
play.google.com
2606:4700:3032::ac43:d27c
2606:4700:3036::6815:1059
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2003
05fb5ceebe5ec03405975bd5f8b894a857b1e9bd32c7394487ff529fb902f69b
203b11726bb762e5959ba0532ab241249a6a7273e71b1dd9decd5c0f8bb67de5
20ba9cee8294414201af61596c13bbd2454aa12f5003a74c20a401d28fede79f
298f10679e3efeb67a92eb0c63ad570aee58b31584425e502438b66da07dfdb1
3504209930c0fe3e1dd2d972fe3e84d3c022d8be7819602fb910f9a134e24dfa
402cfdf34f480faea58da8c0d57afa8140ad9c1f9624e020060ff71219fc42fa
4e0775b611f80abb2d0432ece48ffae93ba1d6ec8679e6072a628779bccc4e8d
5a232f7b5eacbc807ce6b9f7962f57eab2364ea0c3ad0479036a247301705ea0
6029759218d7492615cce0356b0ea112906d99d95622826bc18fcd2456136e44
d14055293577be66d5e8ff6a99b01e46b5a4fafb3880cdd24aa740387eae2bd1
d946d3c10872a396da0f05671b00df1c6cdb24a453dba07a20ad5bf11da51030
d973cc0f5e02b5e5b73d9f1e3474b79843febb64fed861b5b51508b1938f87bf
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f70981750d3736ef3a67201aafe5b45319965883eacec0ef447c35e76cc3488c

google.mrered.workers.dev Open in urlscan Pro 2606:4700:3032::ac43:d27c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

26 Requests

92 %HTTPS

100 %IPv6

3 Domains

6 Subdomains

5 IPs

1 Countries

1110 kBTransfer

2535 kBSize

1 Cookies

13 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

1 Cookies

11 Console Messages

Security Headers

Indicators

google.mrered.workers.dev Open in urlscan Pro
2606:4700:3032::ac43:d27c Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

92 %
HTTPS

100 %
IPv6

3
Domains

6
Subdomains

5
IPs

1
Countries

1110 kB
Transfer

2535 kB
Size

1
Cookies

26 HTTP transactions
1 data transactions