www.emuparadise.me Open in urlscan Pro
151.101.194.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://m.emuparadise.me/redirect/desktop/
Effective URL:
https://www.emuparadise.me/
Submission: On November 23 via api (November 23rd 2020, 11:04:55 pm UTC) from BR

Summary HTTP 98 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 19 domains to perform 98 HTTP transactions. The main IP is 151.101.194.109, located in United States and belongs to FASTLY, US. The main domain is www.emuparadise.me.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on October 26th 2020. Valid for: 6 months.

This is the only time www.emuparadise.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	151.101.194.109 151.101.194.109	54113 (FASTLY) (FASTLY)
15	104.108.144.152 104.108.144.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.4.23 104.18.4.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1 3	172.226.219.188 172.226.219.188	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.16.87.26 104.16.87.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	104.18.13.5 104.18.13.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
7	67.202.110.31 67.202.110.31	32748 (STEADFAST) (STEADFAST)
2	104.16.38.14 104.16.38.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	208.100.17.184 208.100.17.184	32748 (STEADFAST) (STEADFAST)
1	104.108.144.200 104.108.144.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.7.126 65.9.7.126	16509 (AMAZON-02) (AMAZON-02)
1	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
25	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
98	19

4 151.101.194.109 (United States) 3 redirects

ASN54113 (FASTLY, US)

m.emuparadise.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.emuparadise.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.108.144.152 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-152.deploy.static.akamaitechnologies.com

b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.4.23 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.expo9.exponential.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.226.219.188 (United States) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a172-226-219-188.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.87.26 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.18.13.5 (United States)

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.110.31 (Chicago, United States)

ASN32748 (STEADFAST, US)

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.38.14 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.100.17.184 (Chicago, United States)

ASN32748 (STEADFAST, US)

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.144.200 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.7.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.171 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net

sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	tribalfusion.com s.tribalfusion.com	52 KB
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	393 KB
15	rackcdn.com b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com	87 KB
11	tynt.com cdn.tynt.com sc.tynt.com ic.tynt.com de.tynt.com	9 KB
6	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	116 KB
4	emuparadise.me 3 redirects m.emuparadise.me www.emuparadise.me	12 KB
3	googletagservices.com www.googletagservices.com	83 KB
3	google.com adservice.google.com	2 KB
3	google.de adservice.google.de	2 KB
3	googleadservices.com partner.googleadservices.com	1 KB
3	33across.com cdn-sic.33across.com sic.33across.com	122 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	amazon-adsystem.com c.amazon-adsystem.com	32 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	adnxs.com acdn.adnxs.com	31 KB
1	youtube.com www.youtube.com
1	exponential.com tags.expo9.exponential.com	3 KB
1	googleapis.com ajax.googleapis.com	33 KB
0	po.st Failed i.po.st Failed
98	19

	Domain	Requested by
21	s.tribalfusion.com	tags.expo9.exponential.com s.tribalfusion.com www.emuparadise.me
15	b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com	www.emuparadise.me b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
12	pagead2.googlesyndication.com	s.tribalfusion.com pagead2.googlesyndication.com www.emuparadise.me
7	ic.tynt.com	www.emuparadise.me
6	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.googletagservices.com	pagead2.googlesyndication.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com www.emuparadise.me
3	www.emuparadise.me	2 redirects
2	securepubads.g.doubleclick.net	cdn-sic.33across.com securepubads.g.doubleclick.net
2	c.amazon-adsystem.com	cdn-sic.33across.com c.amazon-adsystem.com
2	de.tynt.com	cdn.tynt.com
2	cdn-sic.33across.com	cdn.tynt.com cdn-sic.33across.com
2	www.google-analytics.com	b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com www.google-analytics.com
1	sic.33across.com	cdn-sic.33across.com
1	acdn.adnxs.com	cdn-sic.33across.com
1	sc.tynt.com	cdn.tynt.com
1	www.youtube.com	www.emuparadise.me
1	cdn.tynt.com	www.emuparadise.me
1	tags.expo9.exponential.com	www.emuparadise.me
1	ajax.googleapis.com	www.emuparadise.me
1	m.emuparadise.me	1 redirects
0	i.po.st Failed	b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
98	26

This site contains links to these domains. Also see Links.

Domain
www.epforums.org
www.facebook.com
twitter.com
feeds.feedburner.com
www.youtube.com

Subject Issuer	Validity	Valid
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
exponential.com Cloudflare Inc ECC CA-3	`2020-05-22` - `2021-05-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.emuparadise.me/
Frame ID: B1EDEE37CB4FC83B3AD5612EB4EE8409
Requests: 37 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: 185CDE2961A0F663AF113ECE0122FB8C
Requests: 12 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: E0637ECA60D29B2839937F3A6F589597
Requests: 12 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: 04621B3F20F43EE74E0CF65451DD3EB6
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UZMBXSqGIEY
Frame ID: C2F4BC5A324153E1858D612D733D3E84
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 3B093ECE93FF6A7DEC751B4BF490FD7B
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: B1D8BE96356391E08C07CB5EA68FCEED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 3666A9F72B43BF18E4C6DEEE9DF9D1E8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=ajmTR85U3WTFfFV6f5PEnXScvoSdjM0HBuTmUy3V3UXrYKUm2m2PMdQmJB2WYO0tJCntEw36U13cr6TcJdVcBlP6UxWWrWWrr55b6uVTUvVEJdSEnZaRGFZbRravRt7bVVrS2FPtmdaq0qqp3WQBSV7H5AJZbot6nTHbbXbfa1UB90qqsPbMZbTrQ2WtQ5nUQnPbrnXqZbt3abg2TnXmafI1rUfWHMSt6rwpubRCE&mediaDataID=6347136&mediaName=frame.html
Frame ID: 9A2E01E61A71814DF2EFF17B03C473B9
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=almTR8Wrb15bEpUavrTEFcSTrIQGJZdQrAvPWQ9Vsv54bqondEr0qXy3tQEQGbZa4PBFotAqVWFf0rnaYUYf1aImPUYEWbn0TtBXorjxQrZbNYTFp5aZbg5Ef3oT7IYFU6THjToAYZbnGnnmHrJ2qvl5dar4mvZanb3JXV3TYcF2XG7nnEvU5Un2WbJBV6YVQab1QVZboPH3NYHJsTPrv2GUU0UZbDVminYmQStZbpwSW&mediaDataID=6546596&mediaName=frame.html
Frame ID: 5F09030E28A7DB42BD304C05E28BE0B1
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aBmTR8TtQ2orJmPUjM1qnr3Tfi4EQPnTFI1bbcTd7Xm6MImGQmmHYG2Tvg3taN56nEnbMZa0GMX1s320GvxmTFS5bUUTrBGUAf1REYQPGrMQdUM1WBwVmQy4s3UXbZbKUmys2PMaP6jB4WQO1drZcptIv4PBS5cUdTsM9WcMePP3oUtFVWrJP2UAsVTMxWqJbQaBKRcYJRFItPtncWcn52F6xodqq5TqInb7sSP&mediaDataID=4056396&mediaName=frame.html
Frame ID: 390D3DB639EAD43C4317AE0571E44C5A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aYmTR82mQZamdAqUtJa0rMd1UQg1TErSbnZbWFn2WWUWmUFoQUFq1Erp4E7l4arRmqrKYbZb7WHf0oPnLnG7mpHUE5q3e5HIs3AnJprYEYcQ0YsFY1srunqrQ5UY2VrnHVAnXREU3Qc3sStJr0HZbsTmnu3GB5XFrZcT6Xq4PZb8R6bK2HZbqXWrAptEM3PZbP4Vj6TVJ8VVrfP6ryWWUWUFfP5b2uUqjoQqUTu1jFZa4&mediaDataID=9148826&mediaName=frame.html
Frame ID: C45B1312BA0615D251EC078D0EE6CAE8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a1mTR83A7ZbprMZb0VvVYsn5XGrxmqFT2bM2TUBBV6MTPanXPcMtStbw0dZbpV6rp2VJWXFULVmuu2AU8P6MA3WnoXdQJpWaO36JV3sQgUGnjWsMjRPYMTWQRWr7P3U2nVqMrTTv9QTQZcQVZbCQFZatPWrdVcbU4UXsmtAnXqev4dMZdQVrH2mMHmWEqVHfcYFfaYbYi1TysPUvDWbQYVH3WorQxRUrr4aYHv57wOZb&mediaDataID=8039566&mediaName=frame.html
Frame ID: 87C12B1666379EF0C5497B6A410AD692
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a3mTR836YR3sr6TGMcVcFhPPnmTWZbVUbFP5ritVTnvVq3cPTnZdQV7ZbQbZaoRHriWsj34Uupod6M0amv2dbFPGJB2AYZcmW6NVWYa0bUkXr790qqoRUvFTrM2TtUWmFQoQUbo1Erm5TFl2aMRnaJG1bB8TtMRmPQZanVUqoHfD5EU73dmr3AZbGmUfZdYGUWXGF20svNmanU5brRTr7EWmrTREbQScZbsVWJZctn3mAT&mediaDataID=6807466&mediaName=frame.html
Frame ID: 52E3604D9BDB186FB9B4B610856E5BD8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFF61T6qPbMZcUrQ2VHnWob7qQrfNYaQr4Tbk2aQ3nEJDYrFfUdr0mPnJpGrumWnD3EZbh2tZap3mfZdpFQZc0G7U1cvV1cBnnEvQ3bv5WrbBUAMTPqbXPc3nStbv1tfpT6vp3Gr10FYIUAim4ArbPmJE2WZbrXWYAnt2v36rY4VYfTVQ7VGMeR6FMTWZbVWFZb45UZaoWEvvTTJlSTBZcTsZbvrt3Zc8y&mediaDataID=6680176&mediaName=frame.html
Frame ID: 8FBA8E7E5652DCD5F70D882B77A9AD94
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBf0qAqSFrEWUrPWW3XnFfxRFFnXaYy5qBj5aQXoTZbHXb78UHjXm67DnVvomHML5TUh3tmq4AFLpFrZb0s3R1cZbYXGFnmqB43FFSVrJAVPr1REvQQVZbqPtFvYtJqV6ru4s3UYbvZbV6un56Zb8PmFH2Hvn0WBKpdEo5mBR3sYgUGvdUsZbjSmFuUWFRTFr15UisUEMpVa3lSTBFQVQJWUaCqQNu1B&mediaDataID=6719746&mediaName=frame.html
Frame ID: DBE0D44F3176B4DED1F730BE982A7D3A
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7upEfS5FJUTFBCUPU0PT3QSsMoPWJr1WjnW6Uv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2u46MT3GM9VVM6UcrjPPvoTHM3UbM53FZaxVq3sTTUlQaBZaRVBZcRrIrRHndUVv55rTrot6qYEev2t3CQVBC4mJZbmdAyTHQ60b3kXUjk1qIOSFJHUbB2WHB2oF7rRbbqYqQy3TUa2a7Ytq7ptKWCsA&mediaDataID=7665496&mediaName=frame.html
Frame ID: 0F7001EB0FFC0EFDCDEE919B5624C62C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlSEnKRsZbCPUimSHQcUVUP5UTmmd6OXT6n2tMHSG7Zc26QZbodXsUWjc0Uvd1bjlXayoPbrZbTrvSVdJ5nrFsPFjn1EYy5aUj5an4oTZbEYrF8WH7Xnm3ZdpVrnptfD3Tri3dEm5AvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBVmf5RqU5SV3tQHBrYtvuT6bu1V3kp2UJyL&mediaDataID=5436426&mediaName=frame.html
Frame ID: 0326F849F0AA42E2233EC517203412B8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aemTR8XaisPbQGWFY0VtY4orbsQUBqXEMy3Ebh5EMRmqfBXrb9WHZbWnP3KnGnwod7L3TUf5tay3P7ZanrbZcYGUW1VU5XsZbopTnQ5Uv2WbJZcWP71PqMXPVMoStJr1HvnW6rO4snYXU3IVmmw56vcRmfB3dZbr0HvZbntey56BS3srgTsJcUcJ8SmMwUWZbUTUM03U2tVEboTav7SaQZdScFCRruvPH7dPsvarNp38p&mediaDataID=6530936&mediaName=frame.html
Frame ID: 48ABF02A0853223E4DA0B2BBD7202B0F
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=agmTR8pT7U5U3VVbFZaV6f3REr0PVvnSHjrYdJtWAvp2VU2YUMJVm2r5Av9P6fK2tFM0HYIpdIm3mYS5sj6Ucr6UVjhP6nmWdZbRWrBP2FauWajmVT3cQEUKQVZbCPFumSHn6UVUS4FmmodeOYE2M4tnEPsrG46nKotioTWQ70bnkYFYeXaAMRFvHUUn1WWJ3mFQqQbMr1qro3aFk4TrRoTMI1rU8Rd79rf8hC7&mediaDataID=2713736&mediaName=frame.html
Frame ID: 2BABC280ABC229B7EFB2CD00E92DF5CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624638799&adf=1923364441&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678052&bpp=17&bdt=843&idt=112&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=2283660471199&frm=23&ife=1&pv=2&ga_vid=2142255762.1606172677&ga_sid=1606172678&ga_hid=314828876&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=1192835452081720&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.c83kdj4bzrst&fsb=1&dtd=133
Frame ID: 5A0550FB1761451C06AEF3DE92ED2248
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734761&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678087&bpp=12&bdt=886&idt=110&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=2283660471199&frm=23&ife=1&pv=1&ga_vid=2142255762.1606172677&ga_sid=1606172678&ga_hid=45244294&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&oid=3&pvsid=3982386425682452&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.n8txz7ajttmo&fsb=1&dtd=117
Frame ID: 40E1F20131642B7DB7AB53EF2CA03EE7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B9C221A83139EB25088740F6C89C52A0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045226194&adf=2260553175&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678593&bpp=7&bdt=1410&idt=92&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D79355f254bae5e87-22ecc14f78a60024%3AT%3D1606172678%3ART%3D1606172678%3AS%3DALNI_MbJTR027-vbpYBalqYcpnBlx0AQxQ&correlator=2283660471199&frm=23&ife=1&pv=1&ga_vid=2142255762.1606172677&ga_sid=1606172679&ga_hid=572993466&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=42530671%2C21068084&oid=3&pvsid=3768629073722840&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ns06hs5zlfpz&fsb=1&dtd=101
Frame ID: 9AF050B4D0BEC895BDFFD32BD422A764
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 55D3949922CA6DB6DB2F4E768671FFB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 8B4D138CF8B3DB5E7E45D3EC56DA3828
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: DED7A1F835257F79DCD0F2E86DD02995
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://m.emuparadise.me/redirect/desktop/ HTTP 301
https://www.emuparadise.me/redirect/desktop/redirect/desktop/ HTTP 301
https://www.emuparadise.me/redirect/desktop/ HTTP 301
https://www.emuparadise.me/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

98
Requests

99 %
HTTPS

28 %
IPv6

19
Domains

26
Subdomains

19
IPs

2
Countries

997 kB
Transfer

2756 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.epforums.org/
Title: Emuparadise forums

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/emuparadise/

Search URL Search Domain Scan URL

URL: http://twitter.com/emuparadise

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/Emuparadise

Search URL Search Domain Scan URL

URL: http://www.epforums.org/showthread.php?threadid=131773
Title: Looking for a list of PS3 hybrid blu-ray releases

Search URL Search Domain Scan URL

URL: http://www.epforums.org/showthread.php?threadid=131474
Title: Pokémon related questions

Search URL Search Domain Scan URL

URL: http://www.epforums.org/showthread.php?threadid=111223
Title: What are some of your favorite horror games?

Search URL Search Domain Scan URL

URL: http://www.epforums.org/showthread.php?threadid=131797
Title: 3D Tetris / BlockOut

Search URL Search Domain Scan URL

URL: http://www.epforums.org/showthread.php?threadid=131776
Title: Clock Tower reference in new anime.

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/BuDXgyh8HuI
Title: Portuguese

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/vE_9TKFvV44
Title: Spanish

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/glogoOTKw0Q
Title: French

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://m.emuparadise.me/redirect/desktop/ HTTP 301
https://www.emuparadise.me/redirect/desktop/redirect/desktop/ HTTP 301
https://www.emuparadise.me/redirect/desktop/ HTTP 301
https://www.emuparadise.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://sb.scorecardresearch.com/b?c1=2&c2=17084928&ns__t=1606172677308&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1606172677308&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9=&cs_ak_ss=1

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.emuparadise.me/
Redirect Chain

https://m.emuparadise.me/redirect/desktop/
https://www.emuparadise.me/redirect/desktop/redirect/desktop/
https://www.emuparadise.me/redirect/desktop/
https://www.emuparadise.me/

50 KB
12 KB

47ms
47ms

Document
text/html

151.101.194.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.emuparadise.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.109 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.12.0 / PHP/5.4.16

Resource Hash

a48eb46264733177d5630c38ddcda43d3c2344ba13733ec65d2319ecf6ed93e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.emuparadise.me
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx/1.12.0
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.4.16
content-encoding: gzip
cache-control: max-age=0
expires: Mon, 23 Nov 2020 13:54:46 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 23 Nov 2020 23:04:36 GMT
age: 32991
x-served-by: cache-sin18050-SIN, cache-hhn4032-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1606172677.532146,VS0,VE1
vary: Accept-Encoding
content-length: 11822

Redirect headers

server: nginx/1.12.0
content-type: text/html
location: https://www.emuparadise.me/
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 23 Nov 2020 23:04:36 GMT
x-served-by: cache-sin18041-SIN, cache-hhn4032-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1606172676.323420,VS0,VE162
content-length: 185

GET
H/1.1 200
OK emuparadise-1537970211.css
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/ 56 KB
11 KB 217ms
67ms Stylesheet
text/css 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4bb12d70c666a520e92ce5323623ef456da29d874de55b2900f6938b860ce458

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:36 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 26 Sep 2018 13:57:46 GMT
X-Trans-Id: tx70025dde3c8a4d8a82bf5-005f329356dfw1
ETag: 900ac5e6f75cfc609df8cf52aeb6e39f
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1537970265.54513
Cache-Control: public, max-age=22513156
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11270
Expires: Wed, 11 Aug 2021 12:43:52 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7/ 93 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js

Requested by

Host: www.emuparadise.me
URL: https://www.emuparadise.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Nov 2020 17:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107786
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33845
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Nov 2021 17:08:10 GMT

GET
H/1.1 200
OK emuparadise-1537970211.js Show response
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/ 70 KB
24 KB 265ms
112ms Script
text/javascript 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d6d87d86843ed0bc023cba55f7d1d2078ea087f968c8dc3e1cf65d59e26560b

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:36 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 26 Sep 2018 13:57:46 GMT
X-Trans-Id: txceeb5cd7eed8442e96e4e-005f3f4e86dfw1
ETag: c4a74b6b255adb234084b946f4081e75
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1537970265.55555
Cache-Control: public, max-age=23347692
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23613
Expires: Sat, 21 Aug 2021 04:32:48 GMT

GET
H/1.1 200
OK s1.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 559 B
1 KB 62ms
62ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/s1.png
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7e915777546516e196d2b26c4eb393423c54174d61fbf7a98259c33a4efdefdc

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:44:26 GMT
ETag: af3773561c7c44de0d60bfe13e830d96
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type: image/png
X-Timestamp: 1376729065.89558
Cache-Control: public, max-age=22513310
Content-Length: 559
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa19f7596b40e4d63b4ee0-005f329356dfw1
Expires: Wed, 11 Aug 2021 12:46:27 GMT

GET
H/1.1 200
OK eplogo-tag.jpg
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 18 KB
19 KB 73ms
72ms Image
image/jpeg 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/eplogo-tag.jpg
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a2a699fa7e4ce101b9db469452f2631cc2ac7c887abe082617497274e243f0e

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:52:18 GMT
ETag: 2cf73a9b2b593a3da2038ef33d25115c
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type: image/jpeg
X-Timestamp: 1376729537.73098
Cache-Control: public, max-age=22513303
Content-Length: 18720
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx97f3cb8e41844554b6afe-005f329356dfw1
Expires: Wed, 11 Aug 2021 12:46:20 GMT

GET
H/1.1 200
OK Facebook-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/ 2 KB
2 KB 64ms
62ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/Facebook-icon.png
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 432c736872d32e23225a118a9ee55f26126de76a49be04adbf2ddba534bb717d

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:37:46 GMT
ETag: 9d85c4d059a5276912b4e962849ef25e
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A37%3A11%20WEST
Content-Type: image/png
X-Timestamp: 1376728665.11557
Cache-Control: public, max-age=22513350
Content-Length: 1666
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa7eda24d299e44858f784-005f329356dfw1
Expires: Wed, 11 Aug 2021 12:47:07 GMT

GET
H/1.1 200
OK Twitter-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 2 KB
2 KB 200ms
70ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/Twitter-icon.png
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e8fd36555511bebb4ea6f4520ab3eb3de4acb772452cd9d37f461dfd3b93e994

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:44:32 GMT
ETag: cb49baac2cd813d139e9eb2cc46ecf18
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type: image/png
X-Timestamp: 1376729071.33081
Cache-Control: public, max-age=22513442
Content-Length: 1746
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5188d2965c2644c58107f-005f329356dfw1
Expires: Wed, 11 Aug 2021 12:48:39 GMT

GET
H/1.1 200
OK rssicon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/ 3 KB
4 KB 214ms
66ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/rssicon.png
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a5d4be9135e0400a2357c358d9f967d4a7d5ccc13c272b657932aae568e2ca61

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:46:12 GMT
ETag: b683c3bc3966e545d34439c152fcf921
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A46%3A07%20WEST
Content-Type: image/png
X-Timestamp: 1376729171.56505
Cache-Control: public, max-age=23347614
Content-Length: 3437
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx6cb33f4edfa74dd1be6c2-005f3f4e86dfw1
Expires: Sat, 21 Aug 2021 04:31:31 GMT

GET
H2 200 tags.js Show response
tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/ 7 KB
3 KB 313ms
205ms Script
application/x-javascript 104.18.4.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 2306
cf-request-id: 0698f32b2d00001ec28ca48000000001
x-function: 151
last-modified: Fri, 21 Jun 2013 00:18:47 GMT
server: cloudflare
x-reuse-index: 211
etag: 5909443542969422214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, public
cf-ray: 5f6e87beae661ec2-AMS
expires: Tue, 24 Nov 2020 00:04:36 GMT

GET
H/1.1 200
OK mascot.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 8 KB
8 KB 216ms
68ms Image
image/gif 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/mascot.gif
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dcdc6d08c55dacf94f6a80c70f33a211542ae3d54755efa8a6f27c2fef7b7e18

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:52:30 GMT
ETag: 8f86ea0a1b02b3628e80a2ae5fa42f3e
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type: image/gif
X-Timestamp: 1376729549.01511
Cache-Control: public, max-age=22513443
Content-Length: 8065
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx2458c21dfbd64821b80cf-005f329357dfw1
Expires: Wed, 11 Aug 2021 12:48:40 GMT

GET
H/1.1 200
OK open-quote.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 2 KB
2 KB 236ms
59ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/open-quote.png
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cd2890594b4584d2735dd78049aea9ebc7c395cb5cc97bee9e3ab6176a0c299d

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Sun, 08 Oct 2017 15:44:01 GMT
X-Trans-Id: tx9d2b1cb596124ebca1c0c-005f3b7a51dfw1
ETag: 75d85f6988cebba8a1ae04864a177ba3
Content-Type: image/png
X-Timestamp: 1507477440.86806
Cache-Control: public, max-age=23096932
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1972
Expires: Wed, 18 Aug 2021 06:53:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6529
date: Mon, 23 Nov 2020 21:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 23 Nov 2020 23:15:48 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 153ms
51ms Script
application/x-javascript 172.226.219.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.226.219.188 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a172-226-219-188.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 24 Nov 2020 23:04:37 GMT

GET post-widget.js
i.po.st/static/v4/ 0
0

GET
H2 200 rciv.js Show response
cdn.tynt.com/ 15 KB
6 KB 165ms
60ms Script
application/javascript 104.16.87.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/rciv.js
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.87.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Aug 2020 18:27:45 GMT
server: cloudflare
age: 152193
etag: W/"5f401221-3dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 5f6e87c10f120c15-AMS
cf-request-id: 0698f32ca700000c151e0fc000000001
expires: Thu, 26 Nov 2020 23:04:37 GMT

GET
H/1.1 200
OK toprepeat.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 120 B
647 B 123ms
79ms Image
image/gif 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/toprepeat.gif
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d6da0ca764e8868359ebf6451c2c650a06163d1112c9dc8378bf88ce5e486895

Request headers

Referer: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:52:33 GMT
ETag: d20d7a1416d33c4bdaf9670564b58a40
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type: image/gif
X-Timestamp: 1376729552.28827
Cache-Control: public, max-age=16401894
Content-Length: 120
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txec4d64b585bb4bdc82cdb-005ed551f6dfw1
Expires: Tue, 01 Jun 2021 19:09:31 GMT

GET
H/1.1 200
OK search-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 5 KB
5 KB 105ms
65ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/search-icon.png
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 51b5cb15f29ab4955072d1c18f479b57df59a8da4113b1d41d889a49b84a9e0d

Request headers

Referer: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:44:28 GMT
ETag: 77ebe1cb74c0ab78ffb356b4e990ef63
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type: image/png
X-Timestamp: 1376729067.70369
Cache-Control: public, max-age=23348284
Content-Length: 4794
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx8f9ff092a8294be296164-005f3f50badfw1
Expires: Sat, 21 Aug 2021 04:42:41 GMT

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame 185C 59 KB
14 KB 322ms
206ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d2378e075a6aa948b9f85b1e92bef2da82ceb91f0f402c4e09a7e2d9c992f1

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 14058
cf-request-id: 0698f32cd50000c791dcbe2000000001
x-function: 151
last-modified: Wed, 29 Apr 2020 03:44:15 GMT
server: cloudflare
x-reuse-index: 410
etag: 15166795143937619838
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 5f6e87c15f82c791-AMS
expires: Tue, 24 Nov 2020 00:04:37 GMT

GET
H/1.1 200
OK smallpalm.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 204 B
731 B 131ms
59ms Image
image/gif 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/smallpalm.gif
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ddccee94532e36265390e5c93503c8bc30525834a36ec19fd8aef385d3e842d9

Request headers

Referer: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:52:31 GMT
ETag: 0ce532e3d8ad76216db9cbc429e97689
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type: image/gif
X-Timestamp: 1376729550.70383
Cache-Control: public, max-age=22635310
Content-Length: 204
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx0986b50b64d94bbfb6ec5-005f346fb1dfw1
Expires: Thu, 12 Aug 2021 22:39:47 GMT

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame E063 59 KB
14 KB 330ms
231ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d2378e075a6aa948b9f85b1e92bef2da82ceb91f0f402c4e09a7e2d9c992f1

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 14058
cf-request-id: 0698f32cd60000c7918826c000000001
x-function: 151
last-modified: Wed, 29 Apr 2020 03:44:15 GMT
server: cloudflare
x-reuse-index: 56
etag: 15166795143937619838
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 5f6e87c15f83c791-AMS
expires: Tue, 24 Nov 2020 00:04:37 GMT

GET
H/1.1 200
OK heart.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 2 KB
2 KB 136ms
62ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/heart.png
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34a83b5deedbc6b2c2739d8189b62f5e9af1a46ebc75ec4e1b50a0a81c301f43

Request headers

Referer: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:44:21 GMT
ETag: 056b237483e2aa9886ee508ee7d31516
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type: image/png
X-Timestamp: 1376729060.07849
Cache-Control: public, max-age=21850404
Content-Length: 1767
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txb50054b53a8b4715a3ef0-005f2875bbdfw1
Expires: Tue, 03 Aug 2021 20:38:01 GMT

GET
H2 200 tags.js Show response
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame 0462 59 KB
14 KB 330ms
239ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by: Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d2378e075a6aa948b9f85b1e92bef2da82ceb91f0f402c4e09a7e2d9c992f1

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 14058
cf-request-id: 0698f32cd60000c7917e2c5000000001
x-function: 151
last-modified: Wed, 29 Apr 2020 03:44:15 GMT
server: cloudflare
x-reuse-index: 369
etag: 15166795143937619838
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 5f6e87c15f84c791-AMS
expires: Tue, 24 Nov 2020 00:04:37 GMT

GET
H2 200 UZMBXSqGIEY
www.youtube.com/embed/ Frame C2F4 0
0 96ms
95ms Document
text/html 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UZMBXSqGIEY

Requested by

Host: www.emuparadise.me
URL: https://www.emuparadise.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/UZMBXSqGIEY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

expires: Tue, 27 Apr 1971 19:44:06 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20271
date: Mon, 23 Nov 2020 23:04:37 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=TIZ1apHZAE4; path=/; domain=.youtube.com; secure; expires=Sat, 22-May-2021 23:04:37 GMT; httponly; samesite=None YSC=a7OhMu_9rfA; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 23-Nov-2020 23:34:37 GMT VISITOR_INFO1_LIVE=TIZ1apHZAE4; path=/; domain=.youtube.com; secure; expires=Sat, 22-May-2021 23:04:37 GMT; httponly; samesite=None
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rotd1.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 3 KB
3 KB 101ms
63ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/rotd1.png
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9272deaba258052abfdca7f8a720c98f972e76dfbff62b73d8411c76c3e5088c

Request headers

Referer: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:44:24 GMT
ETag: 3f52a8f58f072e8fe3f2c9d76dfb3b12
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type: image/png
X-Timestamp: 1376729063.60991
Cache-Control: public, max-age=22481855
Content-Length: 2921
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx86733566d5d64df291a38-005f3217d1dfw1
Expires: Wed, 11 Aug 2021 04:02:12 GMT

GET
H/1.1 200
OK ui-bg_flat_75_6b91a4_40x100.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 213 B
740 B 293ms
292ms Image
image/png 104.108.144.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ui-bg_flat_75_6b91a4_40x100.png
Requested by: Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.152 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9835a69ecb524330162090fbfdd3c070e4598540584312915b1bfe547e258717

Request headers

Referer: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
X-Object-Meta-Cache-Control: public%2Cmax-age%3D31536000
Last-Modified: Sat, 17 Aug 2013 08:44:47 GMT
ETag: 24cf03d9d2bc0538549d1237f451c2a5
X-Object-Meta-Expires: Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type: image/png
X-Timestamp: 1376729086.72329
Cache-Control: public, max-age=22480047
Content-Length: 213
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx5793e37ef18a4b8bb513d-005f321135dfw1
Expires: Wed, 11 Aug 2021 03:32:04 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1547554368&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emuparadise.me%2F&ul=en-us&de=UTF-8&dt=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=1252402742&gjid=723140219&cid=2142255762.1606172677&tid=UA-311943-2&_gid=62386739.1606172677&_r=1&_slc=1&z=1571624779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 23:04:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.emuparadise.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=17084928&ns__t=1606172677308&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=http...
https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1606172677308&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=htt...

0
528 B

64ms
62ms

Image
text/plain

172.226.219.188
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1606172677308&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9=&cs_ak_ss=1
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.226.219.188 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a172-226-219-188.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Nov 2020 23:04:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1606172677308&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 23 Nov 2020 23:04:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aIXlJ0wPOr6ijYaKlId8sQ.js Show response
sc.tynt.com/script/sc/ 2 KB
1 KB 64ms
57ms Script
text/javascript 104.16.87.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/aIXlJ0wPOr6ijYaKlId8sQ.js

Requested by

Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.16.87.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c725a3df28f1e5ee7df6d08047f98c58c4e1d29c1a7aa698244bedf4b82e69a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 366065
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 7a5c25fc-decc-4b8c-8b02-249c823aeece
x-runtime: 0.002222
x-content-digest: f5b1ab5a3d5c41184c1272bb272d6cb98c953bab
last-modified: Wed, 18 Nov 2020 15:08:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-request-id: 0698f32cf000000c157830a000000001
cf-ray: 5f6e87c18ffc0c15-AMS
x-rack-cache: fresh
expires: Thu, 19 Nov 2020 07:49:20 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 426ms
140ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ 376 KB
118 KB 167ms
57ms Script
application/javascript 104.16.38.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.38.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: c615d9eabf373b8665ba9e9d418c8aad5e54d93f7ce190522a02799aabc2c4e6

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 23:37:34 GMT
server: cloudflare
age: 361399
x-powered-by: Love
etag: W/"5fb5b03e-5e015"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 5f6e87c28f8f2074-AMS
cf-request-id: 0698f32d9a00002074b2097000000001
expires: Tue, 24 Nov 2020 00:04:37 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 185C 680 B
767 B 240ms
240ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0bbfc2b332136b057e1a35ad5469920eb5b4fefa1fadd310d97e64e24debc86

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 333
cf-request-id: 0698f32dd80000c7915d00f000000001
x-function: 153
last-modified: Tue, 04 Apr 2017 05:09:56 GMT
server: cloudflare
x-reuse-index: 1019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 5f6e87c2f961c791-AMS
expires: Sun, 21 Feb 2021 23:04:37 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame E063 678 B
717 B 227ms
226ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2062656f89b2d9e099f19c904fe368516a7fa6ac64ac8289f84c0c7dcf3b71b

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 331
cf-request-id: 0698f32df10000c7910119e000000001
x-function: 153
last-modified: Tue, 04 Apr 2017 05:09:56 GMT
server: cloudflare
x-reuse-index: 271
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 5f6e87c3198bc791-AMS
expires: Sun, 21 Feb 2021 23:04:37 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 0462 678 B
698 B 228ms
228ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9174587802
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eea758cf13005d106cc1059de8be055e0cb7ff6cfd5654ed227cffd66390dfd

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 330
cf-request-id: 0698f32df10000c791e3baa000000001
x-function: 153
last-modified: Tue, 04 Apr 2017 05:09:56 GMT
server: cloudflare
x-reuse-index: 69
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 5f6e87c3198cc791-AMS
expires: Sun, 21 Feb 2021 23:04:37 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 429ms
142ms Script
application/javascript 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=aIXlJ0wPOr6ijYaKlId8sQ&dn=RCIV&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 24 Nov 2020 23:04:37 GMT

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ 7 KB
2 KB 54ms
53ms Stylesheet
text/css 104.16.38.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.38.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 144ccbf730ec71818fae810e659d64064f4f6a783d5730c5f468eff5ac57828c

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 23:34:04 GMT
server: cloudflare
age: 361400
x-powered-by: Love
etag: W/"5fb5af6c-1c86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 5f6e87c399672074-AMS
cf-request-id: 0698f32e4000002074b3a0b000000001
expires: Tue, 24 Nov 2020 00:04:37 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame 3B09 87 KB
31 KB 194ms
68ms Script
application/javascript 104.108.144.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.200 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-200.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: fd2f1a6371998635e3fbeb44a1639b2754944d9cd4f856fd95f31de178287744

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 23 Nov 2020 23:04:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Nov 2020 15:33:56 GMT
Server: nginx/1.13.10
ETag: "5fb69064-15b6e"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 30882
Expires: Tue, 24 Nov 2020 23:04:39 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame B1D8 114 KB
30 KB 183ms
65ms Script
application/javascript 65.9.7.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 22:50:06 GMT
content-encoding: gzip
server: Server
age: 870
etag: 14b87a812615d68493a97e70b7b323fb
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YIpYdGPe2F0Sajrvj-q3tvMGlJJ7MjKzXOLvnX-FtcYYWMmgGD1WPQ==

GET
H2 200 authorize Show response
sic.33across.com/ 2 KB
1 KB 481ms
159ms Script
text/javascript 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL

https://sic.33across.com/authorize?usPrivacy=&version=3.9.1&agent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&product=inview&userId=&sessionId=&publisherURL=https%3A%2F%2Fwww.emuparadise.me%2F&referrerURL=&publisherId=aIXlJ0wPOr6ijYaKlId8sQ&publisher=emuparadise.me&maxTouchPoints=0&navigatorPropsCount=54&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=2444&_=1606172677678&callback=_tynt_jp.agthbw17k

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.100.17.171 Chicago, United States, ASN32748 (STEADFAST, US),

Reverse DNS

ip171.208-100-17.static.steadfastdns.net

Software

/ Love

Resource Hash

5d8899650637d2a94f757ad2056d371f116308e11ef7790e03921d46053376c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-powered-by: Love
etag: W/"645-k/Th5P3SG5K3R/lI6/DxvHIg/pA"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With, Authorization

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 365ms
144ms Script
application/javascript 208.100.17.184
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&id=aIXlJ0wPOr6ijYaKlId8sQ&dn=RCIV&cc=1&r=
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.184 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 24 Nov 2020 23:04:37 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 140ms
140ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame 185C 826 B
1 KB 786ms
786ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&f=0&p=12600568&tKey=aSmneM3WYZbQsvA56FZdotErXaZbPQPXSDU&a=1&adContainerId=richmedia_2&rnd=12604996
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20164f6639aa5891538ef0ee7e61eaab008c4306312952d73738d1e106bec2b0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 586
cf-request-id: 0698f32eb30000c79158353000000001
pragma: no-cache
x-function: 101
server: cloudflare
x-reuse-index: 1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 5f6e87c45b05c791-AMS
expires: 0

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame E063 9 KB
4 KB 215ms
214ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&f=0&p=12600568&tKey=aQmneMQPBI2dBp1HZbIntAxSS38QPXFxO&a=3&adContainerId=richmedia_4&rnd=12599325
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe925f3c2370cc17a5c9c17cc5e1c4243b9319d90383d361245242fcaa3ce90

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 3893
cf-request-id: 0698f32ec00000c791e68ce000000001
pragma: no-cache
x-function: 101
server: cloudflare
x-reuse-index: 617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 5f6e87c46b2ac791-AMS
expires: 0

GET
H2 200 j.ad Show response
s.tribalfusion.com/ Frame 0462 3 KB
2 KB 207ms
206ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=9174587802&tagKey=2548689138&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&f=0&p=12600568&tKey=a9mneMUVrlWVnkSAJwUtYTYG7hQPXGaZd&a=5&adContainerId=richmedia_6&rnd=12605602
Requested by: Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f131d6276874fcccbfd5949765af9193c00a6d0b99bdc12ecd3237e3cd5f8c8

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
content-length: 1781
cf-request-id: 0698f32ec40000c791ff892000000001
pragma: no-cache
x-function: 101
server: cloudflare
x-reuse-index: 593
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, proxy-revalidate
cf-ray: 5f6e87c46b33c791-AMS
expires: 0

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B1D8 6 KB
3 KB 176ms
59ms XHR
application/javascript 65.9.7.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 18:20:42 GMT
content-encoding: gzip
vary: Origin
age: 17037
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 30 Sep 2020 05:43:29 GMT
server: AmazonS3
etag: "a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: t4EljE-12J_-Z2phPu5rts9tVPW9l5KT-MTrK4FlqhE8d5XJpxpOOw==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 140ms
140ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:37 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0462 90 KB
32 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b54ef0645d382df73c0d53c8cc9217c1145c102bf51ec70ab321782343d1852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32285
x-xss-protection: 0
server: cafe
etag: 16266954004979377396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame E063 90 KB
32 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b54ef0645d382df73c0d53c8cc9217c1145c102bf51ec70ab321782343d1852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32285
x-xss-protection: 0
server: cafe
etag: 16266954004979377396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 140ms
140ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame 0462 231 KB
87 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 3666 0
0 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0DaZtXWqvxOeLBOV6HG4LoMOIzOn71AC7f5td4HvDVahO3i2HMC5n5jlm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 23 Nov 2020 01:05:46 GMT
expires: Mon, 07 Dec 2020 01:05:46 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 79132
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.media
s.tribalfusion.com/ Frame 9A2E 0
0 216ms
215ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=ajmTR85U3WTFfFV6f5PEnXScvoSdjM0HBuTmUy3V3UXrYKUm2m2PMdQmJB2WYO0tJCntEw36U13cr6TcJdVcBlP6UxWWrWWrr55b6uVTUvVEJdSEnZaRGFZbRravRt7bVVrS2FPtmdaq0qqp3WQBSV7H5AJZbot6nTHbbXbfa1UB90qqsPbMZbTrQ2WtQ5nUQnPbrnXqZbt3abg2TnXmafI1rUfWHMSt6rwpubRCE&mediaDataID=6347136&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=ajmTR85U3WTFfFV6f5PEnXScvoSdjM0HBuTmUy3V3UXrYKUm2m2PMdQmJB2WYO0tJCntEw36U13cr6TcJdVcBlP6UxWWrWWrr55b6uVTUvVEJdSEnZaRGFZbRravRt7bVVrS2FPtmdaq0qqp3WQBSV7H5AJZbot6nTHbbXbfa1UB90qqsPbMZbTrQ2WtQ5nUQnPbrnXqZbt3abg2TnXmafI1rUfWHMSt6rwpubRCE&mediaDataID=6347136&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 17
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32fdd0000c7915b139000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c62da0c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 5F09 0
0 214ms
213ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=almTR8Wrb15bEpUavrTEFcSTrIQGJZdQrAvPWQ9Vsv54bqondEr0qXy3tQEQGbZa4PBFotAqVWFf0rnaYUYf1aImPUYEWbn0TtBXorjxQrZbNYTFp5aZbg5Ef3oT7IYFU6THjToAYZbnGnnmHrJ2qvl5dar4mvZanb3JXV3TYcF2XG7nnEvU5Un2WbJBV6YVQab1QVZboPH3NYHJsTPrv2GUU0UZbDVminYmQStZbpwSW&mediaDataID=6546596&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=almTR8Wrb15bEpUavrTEFcSTrIQGJZdQrAvPWQ9Vsv54bqondEr0qXy3tQEQGbZa4PBFotAqVWFf0rnaYUYf1aImPUYEWbn0TtBXorjxQrZbNYTFp5aZbg5Ef3oT7IYFU6THjToAYZbnGnnmHrJ2qvl5dar4mvZanb3JXV3TYcF2XG7nnEvU5Un2WbJBV6YVQab1QVZboPH3NYHJsTPrv2GUU0UZbDVminYmQStZbpwSW&mediaDataID=6546596&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 5
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32fe40000c791e68df000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c63daac791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 390D 0
0 213ms
212ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aBmTR8TtQ2orJmPUjM1qnr3Tfi4EQPnTFI1bbcTd7Xm6MImGQmmHYG2Tvg3taN56nEnbMZa0GMX1s320GvxmTFS5bUUTrBGUAf1REYQPGrMQdUM1WBwVmQy4s3UXbZbKUmys2PMaP6jB4WQO1drZcptIv4PBS5cUdTsM9WcMePP3oUtFVWrJP2UAsVTMxWqJbQaBKRcYJRFItPtncWcn52F6xodqq5TqInb7sSP&mediaDataID=4056396&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=aBmTR8TtQ2orJmPUjM1qnr3Tfi4EQPnTFI1bbcTd7Xm6MImGQmmHYG2Tvg3taN56nEnbMZa0GMX1s320GvxmTFS5bUUTrBGUAf1REYQPGrMQdUM1WBwVmQy4s3UXbZbKUmys2PMaP6jB4WQO1drZcptIv4PBS5cUdTsM9WcMePP3oUtFVWrJP2UAsVTMxWqJbQaBKRcYJRFItPtncWcn52F6xodqq5TqInb7sSP&mediaDataID=4056396&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 359
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32fe10000c7919ab72000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c63dabc791-AMS
content-encoding: gzip

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame E063 231 KB
87 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 200 p.media
s.tribalfusion.com/ Frame C45B 0
0 207ms
206ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aYmTR82mQZamdAqUtJa0rMd1UQg1TErSbnZbWFn2WWUWmUFoQUFq1Erp4E7l4arRmqrKYbZb7WHf0oPnLnG7mpHUE5q3e5HIs3AnJprYEYcQ0YsFY1srunqrQ5UY2VrnHVAnXREU3Qc3sStJr0HZbsTmnu3GB5XFrZcT6Xq4PZb8R6bK2HZbqXWrAptEM3PZbP4Vj6TVJ8VVrfP6ryWWUWUFfP5b2uUqjoQqUTu1jFZa4&mediaDataID=9148826&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=aYmTR82mQZamdAqUtJa0rMd1UQg1TErSbnZbWFn2WWUWmUFoQUFq1Erp4E7l4arRmqrKYbZb7WHf0oPnLnG7mpHUE5q3e5HIs3AnJprYEYcQ0YsFY1srunqrQ5UY2VrnHVAnXREU3Qc3sStJr0HZbsTmnu3GB5XFrZcT6Xq4PZb8R6bK2HZbqXWrAptEM3PZbP4Vj6TVJ8VVrfP6ryWWUWUFfP5b2uUqjoQqUTu1jFZa4&mediaDataID=9148826&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 848
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32ff40000c7915b13b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c65dc9c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 87C1 0
0 216ms
215ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a1mTR83A7ZbprMZb0VvVYsn5XGrxmqFT2bM2TUBBV6MTPanXPcMtStbw0dZbpV6rp2VJWXFULVmuu2AU8P6MA3WnoXdQJpWaO36JV3sQgUGnjWsMjRPYMTWQRWr7P3U2nVqMrTTv9QTQZcQVZbCQFZatPWrdVcbU4UXsmtAnXqev4dMZdQVrH2mMHmWEqVHfcYFfaYbYi1TysPUvDWbQYVH3WorQxRUrr4aYHv57wOZb&mediaDataID=8039566&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=a1mTR83A7ZbprMZb0VvVYsn5XGrxmqFT2bM2TUBBV6MTPanXPcMtStbw0dZbpV6rp2VJWXFULVmuu2AU8P6MA3WnoXdQJpWaO36JV3sQgUGnjWsMjRPYMTWQRWr7P3U2nVqMrTTv9QTQZcQVZbCQFZatPWrdVcbU4UXsmtAnXqev4dMZdQVrH2mMHmWEqVHfcYFfaYbYi1TysPUvDWbQYVH3WorQxRUrr4aYHv57wOZb&mediaDataID=8039566&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 970
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32ff90000c791d6a4f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c65dcfc791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 52E3 0
0 207ms
207ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a3mTR836YR3sr6TGMcVcFhPPnmTWZbVUbFP5ritVTnvVq3cPTnZdQV7ZbQbZaoRHriWsj34Uupod6M0amv2dbFPGJB2AYZcmW6NVWYa0bUkXr790qqoRUvFTrM2TtUWmFQoQUbo1Erm5TFl2aMRnaJG1bB8TtMRmPQZanVUqoHfD5EU73dmr3AZbGmUfZdYGUWXGF20svNmanU5brRTr7EWmrTREbQScZbsVWJZctn3mAT&mediaDataID=6807466&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=a3mTR836YR3sr6TGMcVcFhPPnmTWZbVUbFP5ritVTnvVq3cPTnZdQV7ZbQbZaoRHriWsj34Uupod6M0amv2dbFPGJB2AYZcmW6NVWYa0bUkXr790qqoRUvFTrM2TtUWmFQoQUbo1Erm5TFl2aMRnaJG1bB8TtMRmPQZanVUqoHfD5EU73dmr3AZbGmUfZdYGUWXGF20svNmanU5brRTr7EWmrTREbQScZbsVWJZctn3mAT&mediaDataID=6807466&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 263
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32ff90000c7915d02b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c65dd0c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 8FBA 0
0 488ms
487ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a5mTR8VWJ60bnaYFF61T6qPbMZcUrQ2VHnWob7qQrfNYaQr4Tbk2aQ3nEJDYrFfUdr0mPnJpGrumWnD3EZbh2tZap3mfZdpFQZc0G7U1cvV1cBnnEvQ3bv5WrbBUAMTPqbXPc3nStbv1tfpT6vp3Gr10FYIUAim4ArbPmJE2WZbrXWYAnt2v36rY4VYfTVQ7VGMeR6FMTWZbVWFZb45UZaoWEvvTTJlSTBZcTsZbvrt3Zc8y&mediaDataID=6680176&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=a5mTR8VWJ60bnaYFF61T6qPbMZcUrQ2VHnWob7qQrfNYaQr4Tbk2aQ3nEJDYrFfUdr0mPnJpGrumWnD3EZbh2tZap3mfZdpFQZc0G7U1cvV1cBnnEvQ3bv5WrbBUAMTPqbXPc3nStbv1tfpT6vp3Gr10FYIUAim4ArbPmJE2WZbrXWYAnt2v36rY4VYfTVQ7VGMeR6FMTWZbVWFZb45UZaoWEvvTTJlSTBZcTsZbvrt3Zc8y&mediaDataID=6680176&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 304
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32ffa0000c791e68e1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c65dd2c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame DBE0 0
0 204ms
204ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=a8mTR80bnb1UBf0qAqSFrEWUrPWW3XnFfxRFFnXaYy5qBj5aQXoTZbHXb78UHjXm67DnVvomHML5TUh3tmq4AFLpFrZb0s3R1cZbYXGFnmqB43FFSVrJAVPr1REvQQVZbqPtFvYtJqV6ru4s3UYbvZbV6un56Zb8PmFH2Hvn0WBKpdEo5mBR3sYgUGvdUsZbjSmFuUWFRTFr15UisUEMpVa3lSTBFQVQJWUaCqQNu1B&mediaDataID=6719746&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=a8mTR80bnb1UBf0qAqSFrEWUrPWW3XnFfxRFFnXaYy5qBj5aQXoTZbHXb78UHjXm67DnVvomHML5TUh3tmq4AFLpFrZb0s3R1cZbYXGFnmqB43FFSVrJAVPr1REvQQVZbqPtFvYtJqV6ru4s3UYbvZbV6un56Zb8PmFH2Hvn0WBKpdEo5mBR3sYgUGvdUsZbjSmFuUWFRTFr15UisUEMpVa3lSTBFQVQJWUaCqQNu1B&mediaDataID=6719746&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 11
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f32fff0000c791cb3e4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c66de0c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 0F70 0
0 256ms
255ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aamTR81c33XG7upEfS5FJUTFBCUPU0PT3QSsMoPWJr1WjnW6Uv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2u46MT3GM9VVM6UcrjPPvoTHM3UbM53FZaxVq3sTTUlQaBZaRVBZcRrIrRHndUVv55rTrot6qYEev2t3CQVBC4mJZbmdAyTHQ60b3kXUjk1qIOSFJHUbB2WHB2oF7rRbbqYqQy3TUa2a7Ytq7ptKWCsA&mediaDataID=7665496&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=aamTR81c33XG7upEfS5FJUTFBCUPU0PT3QSsMoPWJr1WjnW6Uv4sn0YFvITmuw4mFgPmbC4WYMXHYKnd2u46MT3GM9VVM6UcrjPPvoTHM3UbM53FZaxVq3sTTUlQaBZaRVBZcRrIrRHndUVv55rTrot6qYEev2t3CQVBC4mJZbmdAyTHQ60b3kXUjk1qIOSFJHUbB2WHB2oF7rRbbqYqQy3TUa2a7Ytq7ptKWCsA&mediaDataID=7665496&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 2
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f3302a0000c79158364000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c6ae2fc791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 0326 0
0 254ms
253ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlSEnKRsZbCPUimSHQcUVUP5UTmmd6OXT6n2tMHSG7Zc26QZbodXsUWjc0Uvd1bjlXayoPbrZbTrvSVdJ5nrFsPFjn1EYy5aUj5an4oTZbEYrF8WH7Xnm3ZdpVrnptfD3Tri3dEm5AvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBVmf5RqU5SV3tQHBrYtvuT6bu1V3kp2UJyL&mediaDataID=5436426&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=acmTR8UcbfPP3wUdMPTbnY5barWaMmWEnlSEnKRsZbCPUimSHQcUVUP5UTmmd6OXT6n2tMHSG7Zc26QZbodXsUWjc0Uvd1bjlXayoPbrZbTrvSVdJ5nrFsPFjn1EYy5aUj5an4oTZbEYrF8WH7Xnm3ZdpVrnptfD3Tri3dEm5AvZaprMEXVfQ1cnV1VFvmqFW2rFVVrnBVmf5RqU5SV3tQHBrYtvuT6bu1V3kp2UJyL&mediaDataID=5436426&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 733
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f3302a0000c791c62c2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c6ae32c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 48AB 0
0 818ms
818ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=aemTR8XaisPbQGWFY0VtY4orbsQUBqXEMy3Ebh5EMRmqfBXrb9WHZbWnP3KnGnwod7L3TUf5tay3P7ZanrbZcYGUW1VU5XsZbopTnQ5Uv2WbJZcWP71PqMXPVMoStJr1HvnW6rO4snYXU3IVmmw56vcRmfB3dZbr0HvZbntey56BS3srgTsJcUcJ8SmMwUWZbUTUM03U2tVEboTav7SaQZdScFCRruvPH7dPsvarNp38p&mediaDataID=6530936&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=aemTR8XaisPbQGWFY0VtY4orbsQUBqXEMy3Ebh5EMRmqfBXrb9WHZbWnP3KnGnwod7L3TUf5tay3P7ZanrbZcYGUW1VU5XsZbopTnQ5Uv2WbJZcWP71PqMXPVMoStJr1HvnW6rO4snYXU3IVmmw56vcRmfB3dZbr0HvZbntey56BS3srgTsJcUcJ8SmMwUWZbUTUM03U2tVEboTav7SaQZdScFCRruvPH7dPsvarNp38p&mediaDataID=6530936&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 1
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f3302c0000c791c62c3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c6ae33c791-AMS
content-encoding: gzip

GET
H2 200 p.media
s.tribalfusion.com/ Frame 2BAB 0
0 254ms
254ms Document
text/html 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/p.media?clickID=agmTR8pT7U5U3VVbFZaV6f3REr0PVvnSHjrYdJtWAvp2VU2YUMJVm2r5Av9P6fK2tFM0HYIpdIm3mYS5sj6Ucr6UVjhP6nmWdZbRWrBP2FauWajmVT3cQEUKQVZbCPFumSHn6UVUS4FmmodeOYE2M4tnEPsrG46nKotioTWQ70bnkYFYeXaAMRFvHUUn1WWJ3mFQqQbMr1qro3aFk4TrRoTMI1rU8Rd79rf8hC7&mediaDataID=2713736&mediaName=frame.html
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /p.media?clickID=agmTR8pT7U5U3VVbFZaV6f3REr0PVvnSHjrYdJtWAvp2VU2YUMJVm2r5Av9P6fK2tFM0HYIpdIm3mYS5sj6Ucr6UVjhP6nmWdZbRWrBP2FauWajmVT3cQEUKQVZbCPFumSHn6UVUS4FmmodeOYE2M4tnEPsrG46nKotioTWQ70bnkYFYeXaAMRFvHUUn1WWJ3mFQqQbMr1qro3aFk4TrRoTMI1rU8Rd79rf8hC7&mediaDataID=2713736&mediaName=frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aEntPKRZdySNAIUMnYFxo9X3uvb4j6jfO8i0qIlZapNNnHZbfxmqkmbPaKaTaRI90WTwWb98jVGY1qqJKOKJjtVYdtR3xTZc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d5b2c760fe397e2d41d98a3de82e0bfe01606172678; expires=Wed, 23-Dec-20 23:04:38 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 102
x-reuse-index: 436
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate
vary: Accept-Encoding
expires: 0
cf-cache-status: DYNAMIC
cf-request-id: 0698f3302b0000c791a3816000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f6e87c6ae35c791-AMS
content-encoding: gzip

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0462 204 B
262 B 166ms
59ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

f82510f132509276c651fc5c5170d05c9171ed075e95c1bdef067400507ee28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0462 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0462 109 B
803 B 34ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5A05 0
0 347ms
346ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624638799&adf=1923364441&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678052&bpp=17&bdt=843&idt=112&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=2283660471199&frm=23&ife=1&pv=2&ga_vid=2142255762.1606172677&ga_sid=1606172678&ga_hid=314828876&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=1192835452081720&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.c83kdj4bzrst&fsb=1&dtd=133

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14716746733404753348/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14716746733404753348/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMP6ur_jme0CFRP2dwodQZYJ_g&gqi=BkC8X4KFDIXW-gbe977YCA&layout=/sadbundle/%24csp%253Der3%24/14716746733404753348/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624638799&adf=1923364441&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678052&bpp=17&bdt=843&idt=112&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=2283660471199&frm=23&ife=1&pv=2&ga_vid=2142255762.1606172677&ga_sid=1606172678&ga_hid=314828876&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=21066429&oid=3&pvsid=1192835452081720&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.c83kdj4bzrst&fsb=1&dtd=133
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0DaZtXWqvxOeLBOV6HG4LoMOIzOn71AC7f5td4HvDVahO3i2HMC5n5jlm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14716746733404753348/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14716746733404753348/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMP6ur_jme0CFRP2dwodQZYJ_g&gqi=BkC8X4KFDIXW-gbe977YCA&layout=/sadbundle/%24csp%253Der3%24/14716746733404753348/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Nov 2020 23:04:38 GMT
server: cafe
content-length: 32014
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0462 73 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E063 204 B
640 B 140ms
58ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ee05dbc4505c5f758fec5dba52ed164048f2d2448088e842a160fbeb79401932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame E063 109 B
169 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame E063 109 B
169 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 40E1 0
0 357ms
356ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734761&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678087&bpp=12&bdt=886&idt=110&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=2283660471199&frm=23&ife=1&pv=1&ga_vid=2142255762.1606172677&ga_sid=1606172678&ga_hid=45244294&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&oid=3&pvsid=3982386425682452&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.n8txz7ajttmo&fsb=1&dtd=117

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17642495044548810185/patientjourneymapping-160-600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17642495044548810185/patientjourneymapping-160-600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLT2u7_jme0CFaOAgwcd8-wN-Q&gqi=BkC8X72QDcPTgAfStqvABQ&layout=/sadbundle/%24csp%253Der3%24/17642495044548810185/patientjourneymapping-160-600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734761&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678087&bpp=12&bdt=886&idt=110&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&correlator=2283660471199&frm=23&ife=1&pv=1&ga_vid=2142255762.1606172677&ga_sid=1606172678&ga_hid=45244294&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&oid=3&pvsid=3982386425682452&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.n8txz7ajttmo&fsb=1&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0DaZtXWqvxOeLBOV6HG4LoMOIzOn71AC7f5td4HvDVahO3i2HMC5n5jlm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17642495044548810185/patientjourneymapping-160-600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17642495044548810185/patientjourneymapping-160-600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLT2u7_jme0CFaOAgwcd8-wN-Q&gqi=BkC8X72QDcPTgAfStqvABQ&layout=/sadbundle/%24csp%253Der3%24/17642495044548810185/patientjourneymapping-160-600.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Nov 2020 23:04:38 GMT
server: cafe
content-length: 31864
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E063 73 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 374ms
370ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame B9C2 54 KB
18 KB 179ms
79ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

b9ba39b5cbc0e5d0c08c16b14acaf33f297c0a854b7e22f376af3e9050f2d553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "703 / 802 of 1000 / last-modified: 1606134076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H3-Q050 200 pubads_impl_2020111701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B9C2 277 KB
98 KB 133ms
84ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 09:43:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99766
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 185C 90 KB
32 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b54ef0645d382df73c0d53c8cc9217c1145c102bf51ec70ab321782343d1852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32285
x-xss-protection: 0
server: cafe
etag: 16266954004979377396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 179ms
178ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ Frame 185C 231 KB
87 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 185C 12 B
205 B 76ms
75ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385&cookie=ID%3D79355f254bae5e87-22ecc14f78a60024%3AT%3D1606172678%3ART%3D1606172678%3AS%3DALNI_MbJTR027-vbpYBalqYcpnBlx0AQxQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 185C 109 B
781 B 75ms
62ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 185C 109 B
781 B 75ms
57ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9AF0 0
0 388ms
325ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045226194&adf=2260553175&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678593&bpp=7&bdt=1410&idt=92&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D79355f254bae5e87-22ecc14f78a60024%3AT%3D1606172678%3ART%3D1606172678%3AS%3DALNI_MbJTR027-vbpYBalqYcpnBlx0AQxQ&correlator=2283660471199&frm=23&ife=1&pv=1&ga_vid=2142255762.1606172677&ga_sid=1606172679&ga_hid=572993466&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=42530671%2C21068084&oid=3&pvsid=3768629073722840&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ns06hs5zlfpz&fsb=1&dtd=101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5952546718982642713/DKB_Scoree_728x90_V2.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5952546718982642713/DKB_Scoree_728x90_V2.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJm23r_jme0CFeOFgwcdU6IBzw&gqi=BkC8X-nCL9XTgAer05eoBg&layout=/sadbundle/%24csp%253Der3%24/5952546718982642713/DKB_Scoree_728x90_V2.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045226194&adf=2260553175&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606172678593&bpp=7&bdt=1410&idt=92&shv=r20201112&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D79355f254bae5e87-22ecc14f78a60024%3AT%3D1606172678%3ART%3D1606172678%3AS%3DALNI_MbJTR027-vbpYBalqYcpnBlx0AQxQ&correlator=2283660471199&frm=23&ife=1&pv=1&ga_vid=2142255762.1606172677&ga_sid=1606172679&ga_hid=572993466&ga_fc=1&iag=3&icsg=41558&nhd=1&dssz=10&mdo=0&mso=64&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=42530671%2C21068084&oid=3&pvsid=3768629073722840&pem=758&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ns06hs5zlfpz&fsb=1&dtd=101
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUm0DaZtXWqvxOeLBOV6HG4LoMOIzOn71AC7f5td4HvDVahO3i2HMC5n5jlm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5952546718982642713/DKB_Scoree_728x90_V2.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5952546718982642713/DKB_Scoree_728x90_V2.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJm23r_jme0CFeOFgwcdU6IBzw&gqi=BkC8X-nCL9XTgAer05eoBg&layout=/sadbundle/%24csp%253Der3%24/5952546718982642713/DKB_Scoree_728x90_V2.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 23 Nov 2020 23:04:39 GMT
server: cafe
content-length: 32918
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 185C 73 KB
28 KB 103ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:38 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 142ms
139ms Image
text/plain 67.202.110.31
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1606172677323&dn=RCIV&iso=0
Requested by: Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.31 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:38 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0462 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d9375579a5238f74a2019178078f61e2d0661fa5c25160987a271aca0e11db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0462 16 KB
6 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 55D3 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 23 Nov 2020 22:36:24 GMT
expires: Tue, 23 Nov 2021 22:36:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1695
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 185C 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460598b9fbb6cbc9b403a8df048da9bb9d79a7d079abf3de08bfe0e06490fe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6451
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 185C 16 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 8B4D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 23 Nov 2020 22:36:24 GMT
expires: Tue, 23 Nov 2021 22:36:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1695
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0462 0
265 B 14ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=1192835452081720&bg=!gIOlg6PNAAUoamvQKFgxn7_EmfGGQQIAAAFXUgAAADJoAQcKAQ4IxPf521A-JomeznX6f_24fH9dWd8iC-X9soo9vbDo8c3tKEbBKlHPwdQQXmeaK7IX67wyGJiGcAkZq1rm-EA5XRms94Nz_SHtjYY21pBAKvcuCu3nbOWK2_SJtahIwDkBjH1pPNHrSsVVB24Y4Ydf-1_8iOneq0JHLvnO8CSSQcz5KD6NXq2CZN2MJ24Q4y8rluP-A6QywbEEZ3FSs0IAPC2U4ThC_bPEZhtBnDU2r21RCzVdZslPJngggQrfy2Jv6N9mSg7J0wNxKWvGGqFekD_MopJXoS7aG0-PnQIZqawOO00BGsVtwgN_PHwx-R8H5tp7uH9WNpgQID3QomGYL7e_7d8k-abT3Bs_0a2ZAddKfyPfjzMbi-nXJnRuonw21gj8WEOUcEz5afqLoLfLbNhm0_RkFt9mXnsHTKEUoiYJ_6D5eC_mmByGkMWXOSOzQ7IFginrTSh9O2sfMhQfY38IrrbnbtUl4Pgr0P7cHlcSlKm_-f11m3t_ObIXOOW8ZNI8Yzvd4WAn50SetKXY_YxOCnl9d7rl0hWyMAvX1ggifpdnmzxTI1f2qNqq4ySs8gcxrcUr-Y68WW-SkaX60YO_a3kqS_7rJqKFbx4WMLJgr8trzt625KaATPbmCbV-hvp0on089g9sOO4L0_I0xYzK-Jjsf_ZTqHcPqeyYJCaTJbsZH8xQ2qjsNAQomqlK-_5VN8PY7SVQLbtdLyHcdMQQfQilrgbVoN_m9W3sgxi1uKXHZfQhH9geTaZBo2jPlnu6GQUVcytCFC0rVVXHAFnJ8XPL-QXQ197sgYl4ij9TJ0WRKqsbqrubYeURI05AaXydYfIsYMtiFnlvdotzaiXaCOsp4KeNQUgyw0G3UWwHtecCVYXe6t2-Kp9Goy0S9q56GVx-WLBRWHYYgnktB6WIbAya-1xfjdlqE6jJ82jABTPeuB6QmB0x8LMT3RoD8G3sPCMH6EBYaZZwdgPcKk-3QDaxo9g

Requested by

Host: www.emuparadise.me
URL: https://www.emuparadise.me/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 23:04:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 185C 0
411 B 15ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=3768629073722840&bg=!j4yljKzNAAVGySeIRljiM5ZK3CImawIAAAC9UgAAABJoAQcKAKdKI7LG2cb9xDMtKE8bt16Wd2NfuReQDa-XPCgH5_r46fVAl0mJMYf3_KpNbXVVBpik-wuoTqV-QLtRypDu51Q8FCZmcD2ldaugKNc1qGIMFeqxwXYGv2xWl6Bl2oTxJgEJrHa3vojwyKQlHSJPViYtgt7volIawjWEBJCbFcbbEfKVVvrpj00Pe_eATXA9Vyq92_DkZSkj4BT3_SFnUh_AQwzaZXMPU5kB11Qy0SjHSY9D7WyhbxZmflN1G_OC_lVztZKc_lj7bSUTlVcy0ovlETa7e3-4rVFavCfTeMFSmeHByjkwvPjOhtXbiPwex4iGHWNNQud44iUrTQjwFvqhjbE9mobkVrPsPqw9MqTMUEUy5BnE8WeSX0vpZxlZJLuU8m_Joh9p9l4Gkr0kMqxp7iwQbkG_hDWk74JPxX1eUV3KXoX9vkHLcBHLHWfxXdLz7cUeFKXFrtUi1jGS251X_TyHKz0TOy4Ez_ONNsnocmw662AAN0eQZwXmpzbEZoyjLdLBZDfPibInaXWLvWPAci1F1DhxTXJA4T7h5YSF-m7bwQA4gX-LNBz3XY9BsnF22tgLuyLRTA3dJdjeTOeRiMRprc_-Y44LWNZ3mP1hSGqsiWTYKAN5J10BI2iEV8bDS7dxQpv9K6s3uRnAT_Sb82pzImOzLugGKLSitHM2iEJlmM9PQwdxITWj8qyRp4nvsitv7EK1QjYWbPXbc5W5eINYSF6t_ntekkAEA9c47Tzle4izOxw4gEGK8OXVoGv3Dvo1gzRLe1QidtDdEJLpnqMxve3zHqYbcfMZsAC4el1_4hxfQrypNi-wBkjiMq18_s9eIw0jMGJSPJ-PCvd2VQ

Requested by

Host: www.emuparadise.me
URL: https://www.emuparadise.me/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 23:04:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E063 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8ee6fd56c3b123fdd34ccb2cf4c769ab34021c2f55950e5e6e0b8ff6ab6760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Nov 2020 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E063 16 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 23:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Mon, 23 Nov 2020 23:04:39 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame DED7 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.emuparadise.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.emuparadise.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Mon, 23 Nov 2020 22:36:24 GMT
expires: Tue, 23 Nov 2021 22:36:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1695
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E063 0
112 B 15ms
15ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=3982386425682452&bg=!HB-lHz_NAAUoamvQKFjsb8XnAjXYUQIAAADlUgAAABBoAQcKAZShRp-a3baPqaf2ahw7SsyQBfM7YnZNEKmexWXDnP4GNGYThuXT5VqlKz6pul8_uenxSLqcgQiAUZdKHTwuV6iseeHVQ7F_8oVClXgyXy7QMYf5pUH2nEBh6AsLSZERr59s2K8FdoCKliWrxSVMPjZvbGY6UVVBptgOHNMzb8dSTUEwu7ZNnpCcUdo3JJEHe6dea54Sw_NKqpV1lpVka6Pc2Bk0Y915d_fOx3VF9ERCoWue_l7k0LQ_VGxHgtqfdSbczaRd8QMxJz7baTZzl7JUmrDGeoyCp49AOnwmI1QRXQvCgAvd25YqNvNLT8EVYD5G5cp6Yy6EIbFCXctgXnJ7wTrq0ufnMk7jnV0-6ZDnHaCRC3W02CyFmS2cOL9UA0Rvc0P--oaAt3RqdC1oI0yqOqXWBgGJpEky2UT5NFX9F8fAHJGk-WESxiH98dvw5LfBjw7YcUPiGAHFLp2TVSt4tRnD9wXrInJRLuB_FTB_znJd0-3g-XrcuPRCppbVEIcGVIt7MUTxKL94xPXHHY85QxlbfZkB1-6yoKKkNhFEw1kw7Iq-3747q7DbiYHi2zKN8KPuIgaBz2OGDnGLBeHzHFLAWUbzjnCc1uixgz1w-6XbzCyO4ru9yqnzKoIk6uZZrUZGsBVuGU57Fn8gmtrWNcw6w9U2eF3BLBoo_3RLMXOao9VZfJSC2ToNfR4hoWQOqZUjvf7o-60G3ETkEqvBS7feoaGU-GEXi6nZLGtk3LGah31e4nDYNUDLBdXbkdg_s_Wnw1Qo1TtKFskvCuJL7Vg-aIMyDnEAoJIocJerDkg1akTef2Bd_7j-MMBKfxRxREmslx87uHdD9lAUlc0bQWbkLdfpYgRoYUrIG2ggGbVQwDgtvOPybYZCOKLf5mLs9TWdHbvhRfTT5F-Q6eJLG-h2GryCWIl58DPdY2dhOq8J-41LLOKuZg_X_KIrdSiERyCY49CUUGHJWszCj41fErwDi-NM00tJ46mxNkVSzjNaUf-sVGPVC5Cw4dMKs9vc-0TyDf1RpTePdXbghq275kT1AH0UpHjPucL_nAELCdvU0qY4-lWUaQvY9IhRA5_vTPZPU7XOc6gAgzwRg9QodE89dPcN_2LUj9q0QKZ6bnp9b1XPpOBK3xkTAmGv4iQ9YHbhqDCIHvNJC7xAXw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.emuparadise.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Nov 2020 23:04:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.po.st
URL: https://i.po.st/static/v4/post-widget.js

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 23:31:08	Name: IDE Value: AHWqTUm0DaZtXWqvxOeLBOV6HG4LoMOIzOn71AC7f5td4HvDVahO3i2HMC5n5jlm
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: a7OhMu_9rfA
.tribalfusion.com/	1970-01-19 16:19:08	Name: ANON_ID Value: aPnxJ5wZcF18oXarpfswVOxnxALwkZaZcel4hVciTcWpCRab4282qxVTRdcr733l8Ob0l8n4SQEO5sTOmUWHs0Wf8ZbrZdVhZdgDnnA7vUsNsGE3XQWCDlxtewxB4UpfmWbKMbFLR1MdZbZaXg2t
.youtube.com/	1970-01-19 18:28:44	Name: VISITOR_INFO1_LIVE Value: TIZ1apHZAE4
.emuparadise.me/	1970-01-19 23:31:08	Name: __gads Value: ID=79355f254bae5e87-22ecc14f78a60024:T=1606172678:RT=1606172678:S=ALNI_MbJTR027-vbpYBalqYcpnBlx0AQxQ
.emuparadise.me/	1970-01-19 14:09:32	Name: _gat Value: 1
.emuparadise.me/	1970-01-19 14:10:59	Name: _gid Value: GA1.2.62386739.1606172677
.doubleclick.net/	1970-01-19 14:09:36	Name: DSID Value: NO_DATA
.emuparadise.me/	1970-01-20 07:40:44	Name: _ga Value: GA1.2.2142255762.1606172677

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.34.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
c.amazon-adsystem.com
cdn-sic.33across.com
cdn.tynt.com
de.tynt.com
googleads.g.doubleclick.net
i.po.st
ic.tynt.com
m.emuparadise.me
pagead2.googlesyndication.com
partner.googleadservices.com
s.tribalfusion.com
sb.scorecardresearch.com
sc.tynt.com
securepubads.g.doubleclick.net
sic.33across.com
tags.expo9.exponential.com
tpc.googlesyndication.com
www.emuparadise.me
www.google-analytics.com
www.googletagservices.com
www.youtube.com
i.po.st
104.108.144.152
104.108.144.200
104.16.38.14
104.16.87.26
104.18.13.5
104.18.4.23
151.101.194.109
172.217.18.162
172.226.219.188
208.100.17.171
208.100.17.184
2a00:1450:4001:801::2002
2a00:1450:4001:814::200e
2a00:1450:4001:816::2001
2a00:1450:4001:81a::200a
2a00:1450:4001:824::200e
65.9.7.126
67.202.110.31
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b54ef0645d382df73c0d53c8cc9217c1145c102bf51ec70ab321782343d1852
0d6d87d86843ed0bc023cba55f7d1d2078ea087f968c8dc3e1cf65d59e26560b
144ccbf730ec71818fae810e659d64064f4f6a783d5730c5f468eff5ac57828c
1460598b9fbb6cbc9b403a8df048da9bb9d79a7d079abf3de08bfe0e06490fe1
20164f6639aa5891538ef0ee7e61eaab008c4306312952d73738d1e106bec2b0
2b8ee6fd56c3b123fdd34ccb2cf4c769ab34021c2f55950e5e6e0b8ff6ab6760
2eea758cf13005d106cc1059de8be055e0cb7ff6cfd5654ed227cffd66390dfd
34a83b5deedbc6b2c2739d8189b62f5e9af1a46ebc75ec4e1b50a0a81c301f43
3fe925f3c2370cc17a5c9c17cc5e1c4243b9319d90383d361245242fcaa3ce90
432c736872d32e23225a118a9ee55f26126de76a49be04adbf2ddba534bb717d
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4bb12d70c666a520e92ce5323623ef456da29d874de55b2900f6938b860ce458
4f131d6276874fcccbfd5949765af9193c00a6d0b99bdc12ecd3237e3cd5f8c8
51b5cb15f29ab4955072d1c18f479b57df59a8da4113b1d41d889a49b84a9e0d
5d8899650637d2a94f757ad2056d371f116308e11ef7790e03921d46053376c3
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
67d2378e075a6aa948b9f85b1e92bef2da82ceb91f0f402c4e09a7e2d9c992f1
68963209b16bd2a387c310495d51021d2fc57e5df9cb87ac98a0505c0daeca43
6a2a699fa7e4ce101b9db469452f2631cc2ac7c887abe082617497274e243f0e
7e915777546516e196d2b26c4eb393423c54174d61fbf7a98259c33a4efdefdc
8d9375579a5238f74a2019178078f61e2d0661fa5c25160987a271aca0e11db2
9272deaba258052abfdca7f8a720c98f972e76dfbff62b73d8411c76c3e5088c
9835a69ecb524330162090fbfdd3c070e4598540584312915b1bfe547e258717
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a48eb46264733177d5630c38ddcda43d3c2344ba13733ec65d2319ecf6ed93e1
a5d4be9135e0400a2357c358d9f967d4a7d5ccc13c272b657932aae568e2ca61
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
b9ba39b5cbc0e5d0c08c16b14acaf33f297c0a854b7e22f376af3e9050f2d553
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c615d9eabf373b8665ba9e9d418c8aad5e54d93f7ce190522a02799aabc2c4e6
c725a3df28f1e5ee7df6d08047f98c58c4e1d29c1a7aa698244bedf4b82e69a9
c7714be5150899442faf570cab4e7846a794e81d6b420300148d1f5a9a405c7a
cd2890594b4584d2735dd78049aea9ebc7c395cb5cc97bee9e3ab6176a0c299d
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d6da0ca764e8868359ebf6451c2c650a06163d1112c9dc8378bf88ce5e486895
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcdc6d08c55dacf94f6a80c70f33a211542ae3d54755efa8a6f27c2fef7b7e18
ddccee94532e36265390e5c93503c8bc30525834a36ec19fd8aef385d3e842d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8fd36555511bebb4ea6f4520ab3eb3de4acb772452cd9d37f461dfd3b93e994
ee05dbc4505c5f758fec5dba52ed164048f2d2448088e842a160fbeb79401932
f0bbfc2b332136b057e1a35ad5469920eb5b4fefa1fadd310d97e64e24debc86
f2062656f89b2d9e099f19c904fe368516a7fa6ac64ac8289f84c0c7dcf3b71b
f82510f132509276c651fc5c5170d05c9171ed075e95c1bdef067400507ee28e
fd2f1a6371998635e3fbeb44a1639b2754944d9cd4f856fd95f31de178287744

www.emuparadise.me Open in urlscan Pro 151.101.194.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

99 %HTTPS

28 %IPv6

19 Domains

26 Subdomains

19 IPs

2 Countries

997 kBTransfer

2756 kBSize

9 Cookies

12 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.emuparadise.me Open in urlscan Pro
151.101.194.109 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

99 %
HTTPS

28 %
IPv6

19
Domains

26
Subdomains

19
IPs

2
Countries

997 kB
Transfer

2756 kB
Size

9
Cookies

98 HTTP transactions
0 data transactions