urlscan.io logo urlscan.io
SecurityTrails logo

www.emuparadise.me Open in urlscan Pro
151.101.2.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m.emuparadise.me/biosfiles/bios.html
Effective URL: https://www.emuparadise.me/biosfiles/bios.html
Submission Tags: falconsandbox
Submission: On October 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 8 countries across 30 domains to perform 151 HTTP transactions. The main IP is 151.101.2.109, located in United States and belongs to FASTLY, US. The main domain is www.emuparadise.me. The Cisco Umbrella rank of the primary domain is 461403.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on September 27th 2022. Valid for: a year.
This is the only time www.emuparadise.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.66.109 54113 (FASTLY)
1 2 151.101.2.109 54113 (FASTLY)
14 23.35.236.143 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 13.32.121.17 16509 (AMAZON-02)
2 104.18.18.39 13335 (CLOUDFLAR...)
2 104.18.22.45 13335 (CLOUDFLAR...)
7 67.202.105.33 32748 (STEADFAST)
1 151.101.1.108 54113 (FASTLY)
2 18.66.108.49 16509 (AMAZON-02)
1 67.202.105.21 32748 (STEADFAST)
3 32 2606:4700::68... 13335 (CLOUDFLAR...)
2 67.202.105.31 32748 (STEADFAST)
3 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2 3.126.56.137 16509 (AMAZON-02)
1 188.65.124.66 41690 (DAILYMOTI...)
2 2 142.250.184.226 15169 (GOOGLE)
1 35.244.159.8 15169 (GOOGLE)
2 2 185.80.39.216 27381 (CASALE-MEDIA)
1 69.173.144.138 26667 (RUBICONPR...)
1 1 2.18.232.236 16625 (AKAMAI-AS)
1 1 3.120.204.36 16509 (AMAZON-02)
1 18.202.59.106 16509 (AMAZON-02)
2 2 185.94.180.126 35220 (SPOTX-AMS)
2 2 185.64.189.115 62713 (AS-PUBMATIC)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
2 2 54.155.40.229 16509 (AMAZON-02)
23 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
151 30
1    151.101.66.109 (United States)

ASN54113 (FASTLY, US)
m.emuparadise.me
2    151.101.2.109 (United States)

ASN54113 (FASTLY, US)
www.emuparadise.me
14    23.35.236.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-143.deploy.static.akamaitechnologies.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:cdb (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    104.18.18.39 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
2    104.18.22.45 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn-sic.33across.com
7    67.202.105.33 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    18.66.108.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-108-49.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    67.202.105.21 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
sic.33across.com
32    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
a.tribalfusion.com
2    67.202.105.31 (Tinley Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
de.tynt.com
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
24    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
11    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    188.65.124.66 (Paris, France)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-03-pub-prod-ix7.vip.dailymotion.com
public-prod-dspcookiematching.dmxleo.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
cm.g.doubleclick.net
1    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2.18.232.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    3.120.204.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-204-36.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    18.202.59.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-59-106.eu-west-1.compute.amazonaws.com
beacon.krxd.net
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    54.155.40.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-40-229.eu-west-1.compute.amazonaws.com
dpm.demdex.net
23    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 135
754 KB
32 tribalfusion.com
s.tribalfusion.com — Cisco Umbrella Rank: 2171
a.tribalfusion.com — Cisco Umbrella Rank: 822
65 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 213
249 KB
14 rackcdn.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
85 KB
11 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 9748
sc.tynt.com — Cisco Umbrella Rank: 11458
ic.tynt.com — Cisco Umbrella Rank: 6219
de.tynt.com — Cisco Umbrella Rank: 1438
9 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 71
www.google.com — Cisco Umbrella Rank: 2
3 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
56 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
142 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 668
simage2.pubmatic.com — Cisco Umbrella Rank: 696
1 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9167
1 KB
3 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 869
1 KB
3 33across.com
cdn-sic.33across.com — Cisco Umbrella Rank: 12006
sic.33across.com — Cisco Umbrella Rank: 11157
119 KB
3 emuparadise.me
m.emuparadise.me — Cisco Umbrella Rank: 908523
www.emuparadise.me — Cisco Umbrella Rank: 461403
12 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 202
2 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 575
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 516
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 286
563 B
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 300
47 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 150
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
fonts.googleapis.com — Cisco Umbrella Rank: 36
35 KB
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 555
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 467
478 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 514
470 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 338
239 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 414
304 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2073
122 B
1 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 595
32 KB
1 exponential.com
tags.expo9.exponential.com — Cisco Umbrella Rank: 9582
3 KB
0 po.st Failed
i.po.st Failed
151 30
Domain Requested by
24 pagead2.googlesyndication.com s.tribalfusion.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.emuparadise.me
www.googletagservices.com
23 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.emuparadise.me
21 s.tribalfusion.com tags.expo9.exponential.com
s.tribalfusion.com
www.emuparadise.me
14 b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com www.emuparadise.me
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
11 a.tribalfusion.com 3 redirects s.tribalfusion.com
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 ic.tynt.com www.emuparadise.me
5 www.google.com 2 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 securepubads.g.doubleclick.net cdn-sic.33across.com
securepubads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 dpm.demdex.net 2 redirects
2 image6.pubmatic.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 dsum-sec.casalemedia.com 2 redirects
2 cm.g.doubleclick.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 de.tynt.com cdn.tynt.com
2 c.amazon-adsystem.com cdn-sic.33across.com
c.amazon-adsystem.com
2 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
2 sb.scorecardresearch.com b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
www.emuparadise.me
2 www.google-analytics.com b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
www.google-analytics.com
2 www.emuparadise.me 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
1 simage2.pubmatic.com 1 redirects
1 beacon.krxd.net s.tribalfusion.com
1 aa.agkn.com 1 redirects
1 tags.bluekai.com 1 redirects
1 pixel.rubiconproject.com s.tribalfusion.com
1 us-u.openx.net s.tribalfusion.com
1 public-prod-dspcookiematching.dmxleo.com s.tribalfusion.com
1 sic.33across.com cdn-sic.33across.com
1 acdn.adnxs.com cdn-sic.33across.com
1 sc.tynt.com cdn.tynt.com
1 cdn.tynt.com www.emuparadise.me
1 tags.expo9.exponential.com www.emuparadise.me
1 ajax.googleapis.com www.emuparadise.me
1 m.emuparadise.me 1 redirects
0 i.po.st Failed b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
151 43

This site contains links to these domains. Also see Links.

Domain
www.epforums.org
www.facebook.com
twitter.com
feeds.feedburner.com
Subject Issuer Validity Valid
www.emuparadise.me
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-27 -
2023-10-29		 a year crt.sh
*.ssl.cf1.rackcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-09 -
2023-05-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2022-03-21 -
2023-03-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 33 frames:

Primary Page: https://www.emuparadise.me/biosfiles/bios.html
Frame ID: 48E2F7D277B184E161A4921E9CE524AF
Requests: 36 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: 7DD8B0A8C1381DA0F28B6E6D3D323168
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 512D359054590569895EC6873886DC39
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: 0C67E37A2EBF8DF76D7962675BB8D9EF
Requests: 11 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: B4757DC7D03AA3BE872D88C5ACA24039
Requests: 11 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: 1AF213286E584B96A8EAD35673D7DF2A
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: B13862EF511640212F25D0FC34250DBB
Requests: 3 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=akmURgWUYYTtQ2nUYmPU7t1Enp3Eji5TYRoEZbHXUJfUdfQnAYLpGQrpW3C3EY73Wuy5P7ZcprnG0VnPYcF20cfonqbW3rYVTFvBUA3TQa3QQsZbrSdby0djtT6vp2GB5XrBJVmau4mYePPMC4HYp0tMAndix3mv04GYeVcQjWsMePPYoTHFPUrB23rZarUqroTTncPaYGQc7BPUInPt7iUVb52Fy4mWqOOQQyM8EGtFftpZc7CQl&mediaDataID=6347136&mediaName=frame.html
Frame ID: 6EFC388C45B751D83122C756D495FE50
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aAmURgTFfEUAv3RTr3QsvqStYO0WFoWP3p4cn0YrQDTPup5PM8R6ZbF3Hvq0WQAnHTm5mYQ3sveVsQdWcMeRmUnUHYTUU7Y5bTtUqQvWqnlQEBKSVZbZbQFisPHMiWcbU4binodyMXTyp2WbHSV7A4PrHoderVHfeYU3i1UB90qqtPbUZbTrBPVHYUnbbsRUjr1EMr4aZbd2TQQmqZbA1FUfWHMXoArans7wU8PGyBiexqiFnetjXO&mediaDataID=8039566&mediaName=frame.html
Frame ID: 911F37593335921849C84D1908D30CAA
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aCmURg5bEoUqroVTQiSarZaQVjKPUIxSHYiUGUP5byxmH6sYqXv4dUAPVBH4m3HoHPNTHJ90bMi1FBf0aqtRFYZcUr30VWUXorYqRUJNXaMy5EUi4EYPmEJH1rJfUtMRm6bLpGfuodMJ3qZbf5dao56FGnrUZb0VQYXVnTXG7nnEvT5UY2WbnBWmYYPEj2ScUsStjy0H7xTPUm2Vn30bZbDVmiw2PQZbPPMKxoqmxR6JWaAJnPygPO&mediaDataID=4056396&mediaName=frame.html
Frame ID: F1BC6555253CCDAB0A21D0F67AB4EF34
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aomURgT6Mv4sY40FYZdV66p2PvbRmbH3WrOXHnZdmHAo5AUP4s36Vcv8VsJfRPUoUHZb5UbbX5bIwUarpVTJbQqQGSsZbLPbqoPHf9UVY55bXxmtqmXEmM3HjASGfZa4AJZboHTsVWYfXFMkYbYhXq6nRFrZbUUn0TdnTnFbvRUjNYTFs3TJa5E75nEBFXb3aWHbSoAQImsvvmtYK3aMf5HmN3AvGprv7Xsf0NDyYxDXuWWbbuerUtb&mediaDataID=6546596&mediaName=frame.html
Frame ID: 263BB89E5D56E9C464C45F63F1E422A8
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aqmURgPHvcUVMW4FXsntus0qPN2trGPVZbZa26vIpHEyTtF8YbYa1Ufi1qAsRb3ZbUrJQVdQ5orFvRFjqYEFs5qFd4EM1mEnC1r3cWHBXn6QBnV7opHME3TUk5tiN5mvZanUfZc0G7XYGQV0svvpEjR3rv2VFBHUPYWQqQSScUMQdUOYtbuWAbM3GQXYbYZcVmqn2Pr7QPbJ4dMy0tnIpW2o36BY3snZdTVJjmDEjpUaxpaYcNgLkZaJ&mediaDataID=5436426&mediaName=frame.html
Frame ID: 72D0A422A4B2452D1FC7D66883709F16
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=asmURg1rZb9WHbSoPnInGnpmH3E2Evh2tIN3PJJmUvEXcMSXcr2XGJNmEZbU3UU2VbvZaWPv2REnSSsUtQtUO1WfxVAvw2cZb20UFZaVmPw5mrePmMF2dUs1dnZdpdAo5PBS5V76VcBlWGf8R6FwWtQQUUBP3binUaUwWaMjSTYFSGQIRravSd77VGrT2Umsodiq0qPw3WMZaSsFZd4PvZdmWXyVWQh0brLYbY9MBZbop6eEpV3exYAwmf&mediaDataID=6530936&mediaName=frame.html
Frame ID: 056F13BBD876256269D33A9F69B3EF60
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aumURg0UUJVmqm4mvgQArD4W3q1drZapWao3mnV4VngTG3aVcZbePPrMTtnVUrfP3FTwWarnTT3jSEYZdSVQIPUewRdMbWGfW2FeqodIOYTPp2tbGQG7F463ImdEyTdQ7XFba1UQ70E6MRUJFWFU5VWrWmr7oRFZbMXqnN3TZba4q7XoT7IXUU6THbPnAvZapGvnmHQA2qU85HAM56JZcpFbE0Gf01cYp0svnVnAQyPaUmGjrOZdW0I3&mediaDataID=2713736&mediaName=frame.html
Frame ID: 17514FF1E0F849B917E431D192EAC534
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=awmURg2Funodis0auN4tfGSGFA26MJot6yVH7aYFrkYrZbg1aEtPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a7XmqjLYUJ6UWnWoA7ZcpG3wpdQJ3TZbk3W6M4AJJprvEXsfPYGJ2XGnpnqj43bFTTUbCW63TPEUXSsrNPH7tYt7uVmbv4s3UYrZbZdUPXq56FbR6bB4Wrs1dYDpWin5AnQ3GjgVcJjUc7HR6FooCyRqm2YxcADxORhWK&mediaDataID=7665496&mediaName=frame.html
Frame ID: 0D3FE2484FF8C52A8E61F07CB7B6724F
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aymVgFoAnLpGvrotbC2TMe5tIo4mrZbmb3E0VYUXGYV0cjumTJT5UrSWUFFWArTPajSQsUrStBtYd7oV6bv2VQVXrQKT66q2PFdR6BK3trO0HBImdiM5AQV3svfUcF7Usn8SPUwTtrQWrbY5UEuUabmVqJaSTQHSs7LQFunSHrkVGfP5bexmtqr0qmp2WbCSGZbC5mFZdpWiyTHZbhYrM7YFU61auqSbYZcWUBSTtJWmErmRUq1yPumuPAERWMfDZbQOl7&mediaDataID=5578346&mediaName=frame.html
Frame ID: 231DC38AD74F7E83EC8494851DF0EBB9
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aNmURg2PU8R6bA2tvq1WvJpdem4PJR5cUgVsv8VG78RmQxTdrWWrZb52repWqvvVqBjQEYZbQVFARb6pRH7cWsr24byomtuo0q6y4dYZdPcZbZa46JIoWeqUtja0brkYbYf0EutPbBZdUrUSVHJ5obFtPrJNYErr3Ejd5TUPoTbIYbU9WH7Xn6fZapsMspt3E5EUg5tIt4m7FpFUHXcYR1VFVXGvnpTbx3bF2n6IBsFA3sHvgtVUgLZc&mediaDataID=6807466&mediaName=frame.html
Frame ID: 2DD37C09FDE995FBCE27B274B2D88EC6
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aPmURg0qmv4dMHPcjD263ZcmdPrUd79YbQk1Ffi1EeMRF3ETUnYTtvXnbbmPU7NYaZbN5EZbi2arPoEbCYrU9Udj1m6rInVjsmH7G5En72WIN5PvJmFfZbXcbU1cYV0svxnqrT5UZb4VbbZcWm72RTn3QGnMQtbyYdBxWPQn4sYUXFZbJVmmw5mZbgPmBJ4dYoXWYLpdax4PY03G3fTGvbUVM8PPFoWdYuUFMPwAbtsnZammWUTviJ9PX&mediaDataID=9148826&mediaName=frame.html
Frame ID: 6D2F367B8C8466A6BCAB43E5859D27A3
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aSmURg4dMFSGjG46MZcpHarVWbeYFM7Xb79XqEoSFUZbUrU0Wtv3or7qQFBrYEUy5q3c4qv0oTfK1bZb9UHMRm6vCncMpoWbK5EFk5tZaN46BGnbbLXsQTXsQYXGbnnavT3rJVTFvZaW6rTPqbYSsYnQWfr1tJnTm3m3GrW0UUDT6im2PQeQAMH3WUM1WMZbpdEv36vP4GrfVVvkWGZbgP6FoWdF3Wr7r3U2umQTstQectW3NusNHuJ&mediaDataID=6719746&mediaName=frame.html
Frame ID: 07E141B39C4EB4DECEB8C9F863114862
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Frame ID: 0E724DAD87B141BE92640343BF43CDFF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Frame ID: AB21DC01A792BFB1CEC5EC5B1EDDE339
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Frame ID: 70998BBD87E3DBAC78583DB2A988FDF5
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0B0FD9DA970946E3437BBA2F1C06CE45
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 30FDEFB3D19BC1D2801ADD8E40CA18E1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 3DB2B452B90AD6CE1C690DCFE990A8F9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 438E44882DC71A4F61A87F2137619E50
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A747F4ED81B08C82F086F69FFF571B2F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 95D4BC70066814267707F951840A5084
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Frame ID: 170041C12D9A0910EA0AF13F3663042E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 923130250FB553652FF88FE8B142D910
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16B7819C47220AD8B9637569F7C20A44
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB07795EC498CEF74C74F44EC720846E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 787FCA602B7908C48D93B45E1B8A6358
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Play classic video games on your computer or mobile device | Emuparadise

Page URL History Show full URLs

  1. https://m.emuparadise.me/biosfiles/bios.html HTTP 301
    https://www.emuparadise.me/redirect/desktop/biosfiles/bios.html HTTP 301
    https://www.emuparadise.me/biosfiles/bios.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

151
Requests

92 %
HTTPS

38 %
IPv6

30
Domains

43
Subdomains

30
IPs

8
Countries

1632 kB
Transfer

4588 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m.emuparadise.me/biosfiles/bios.html HTTP 301
    https://www.emuparadise.me/redirect/desktop/biosfiles/bios.html HTTP 301
    https://www.emuparadise.me/biosfiles/bios.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662283319307903&_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662283319307903&_origin=1&redir=true&verify=true HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=y-TjG9QkpE2uhXBLPFuEQlwubCK.BhUmk-~A
Request Chain 77
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662283319307903&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662283319307903
Request Chain 78
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662283319307903 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm=&google_sc=&google_ula=2786954&google_hm=18072662283319307903&google_tc= HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDtsYQvp0OSmmK4-_Rfrjug&google_cver=1&google_ula=2786954,0
Request Chain 84
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662283319307903&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662283319307903&C=1 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=Y1xqc2uj.juubyjF5-Oa9QAA
Request Chain 85
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662283319307903&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662283319307903&expires=180
Request Chain 86
  • https://tags.bluekai.com/site/4229?id=18072662283319307903&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Request Chain 87
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662283319307903 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=217403104318004077117
Request Chain 88
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662283319307903&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662283319307903
Request Chain 89
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=1ce481b8-571b-11ed-86b0-19da87bf0406 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b19&u=1ce4813b-571b-11ed-86b0-19da87bf0406
Request Chain 90
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662283319307903%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662283319307903%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662283319307903&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=7F2DFD46-4F32-48E2-BEA8-A746F5193486
Request Chain 91
  • https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b13&u=62143095164925549483668007840757056425
Request Chain 121
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

151 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bios.html
www.emuparadise.me/biosfiles/
Redirect Chain
  • https://m.emuparadise.me/biosfiles/bios.html
  • https://www.emuparadise.me/redirect/desktop/biosfiles/bios.html
  • https://www.emuparadise.me/biosfiles/bios.html
59 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.109 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
7848b7839dfa976ed478cb6617ca0c2123e7a3db7c2345ccb0206bee5ec60529
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2071515
cache-control
max-age=0
content-encoding
gzip
content-length
11433
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 28 Oct 2022 23:49:06 GMT
expires
Wed, 05 Oct 2022 07:49:02 GMT
server
nginx/1.12.0
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
454, 1
x-powered-by
PHP/5.4.16
x-served-by
cache-qpg1248-QPG, cache-hhn4055-HHN
x-timer
S1667000947.512602,VS0,VE1

Redirect headers

accept-ranges
bytes
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
content-length
185
content-type
text/html
date
Fri, 28 Oct 2022 23:49:06 GMT
location
https://www.emuparadise.me/biosfiles/bios.html
server
nginx/1.12.0
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
cache-qpg1229-QPG, cache-hhn4055-HHN
x-timer
S1667000946.183925,VS0,VE321
emuparadise-1537970211.css
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4bb12d70c666a520e92ce5323623ef456da29d874de55b2900f6938b860ce458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Wed, 26 Sep 2018 13:57:46 GMT
ETag
900ac5e6f75cfc609df8cf52aeb6e39f
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1537970265.54513
Cache-Control
public, max-age=4630040
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txafb4249941314d63af6b8-005e75f65adfw1
Content-Length
11270
Expires
Wed, 21 Dec 2022 13:56:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7/ 		93 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:59:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
323397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 05:59:09 GMT
emuparadise-1537970211.js
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d6d87d86843ed0bc023cba55f7d1d2078ea087f968c8dc3e1cf65d59e26560b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Wed, 26 Sep 2018 13:57:46 GMT
ETag
c4a74b6b255adb234084b946f4081e75
Vary
Accept-Encoding
Content-Type
text/javascript
X-Timestamp
1537970265.55555
Cache-Control
public, max-age=27632111
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx8d6a79f9a5e44f859c9bc-005f638066dfw1
Content-Length
23613
Expires
Wed, 13 Sep 2023 19:24:17 GMT
s1.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		559 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/s1.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e915777546516e196d2b26c4eb393423c54174d61fbf7a98259c33a4efdefdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:26 GMT
ETag
af3773561c7c44de0d60bfe13e830d96
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729065.89558
Cache-Control
public, max-age=27774756
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
559
X-Trans-Id
tx160f9583dd2c45b881fc2-005fe17ae0dfw1
Expires
Fri, 15 Sep 2023 11:01:42 GMT
eplogo-tag.jpg
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/eplogo-tag.jpg
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a2a699fa7e4ce101b9db469452f2631cc2ac7c887abe082617497274e243f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:18 GMT
ETag
2cf73a9b2b593a3da2038ef33d25115c
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/jpeg
X-Timestamp
1376729537.73098
Cache-Control
public, max-age=27129898
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18720
X-Trans-Id
tx43157160777d4cb58e333-005fe17ae0dfw1
Expires
Thu, 07 Sep 2023 23:54:04 GMT
Facebook-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/Facebook-icon.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
432c736872d32e23225a118a9ee55f26126de76a49be04adbf2ddba534bb717d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:37:46 GMT
ETag
9d85c4d059a5276912b4e962849ef25e
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A37%3A11%20WEST
Content-Type
image/png
X-Timestamp
1376728665.11557
Cache-Control
public, max-age=27774736
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1666
X-Trans-Id
tx338017b2e2ed456a922cb-005fe17ae0dfw1
Expires
Fri, 15 Sep 2023 11:01:22 GMT
Twitter-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/Twitter-icon.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8fd36555511bebb4ea6f4520ab3eb3de4acb772452cd9d37f461dfd3b93e994

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:32 GMT
ETag
cb49baac2cd813d139e9eb2cc46ecf18
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729071.33081
Cache-Control
public, max-age=21656284
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1746
X-Trans-Id
txa5c42a0002104528b9d85-005f638067dfw1
Expires
Thu, 06 Jul 2023 15:27:10 GMT
rssicon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/rssicon.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5d4be9135e0400a2357c358d9f967d4a7d5ccc13c272b657932aae568e2ca61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:46:12 GMT
ETag
b683c3bc3966e545d34439c152fcf921
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A46%3A07%20WEST
Content-Type
image/png
X-Timestamp
1376729171.56505
Cache-Control
public, max-age=27128223
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3437
X-Trans-Id
tx1259c100dc3d464e8f174-005fe17ae0dfw1
Expires
Thu, 07 Sep 2023 23:26:09 GMT
tags.js
tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2306
x-function
151
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
565
etag
5909443542969422214
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, public
cf-ray
761790ec5961993f-FRA
expires
Sat, 29 Oct 2022 00:49:06 GMT
mascot.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/mascot.gif
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcdc6d08c55dacf94f6a80c70f33a211542ae3d54755efa8a6f27c2fef7b7e18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:30 GMT
ETag
8f86ea0a1b02b3628e80a2ae5fa42f3e
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/gif
X-Timestamp
1376729549.01511
Cache-Control
public, max-age=29801091
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8065
X-Trans-Id
txa7e02b5543aa4f8cb5c33-005fe17ae0dfw1
Expires
Sun, 08 Oct 2023 21:53:57 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Oct 2022 23:01:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2828
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 29 Oct 2022 01:01:58 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 04:25:32 GMT
content-encoding
gzip
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
70999
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
pb6He6Lfdn-GifOUOeuCeOmqh1Q2SrLeknX6bwjnBtjNakWe6RC2uQ==
post-widget.js
i.po.st/static/v4/ 		0
0
rciv.js
cdn.tynt.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601459a3e208a28ad0efc45edd5dfe480785df1365f81fc45acec1231cd16674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 14:57:10 GMT
server
cloudflare
age
31722
etag
W/"62d96946-3fc5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
761790ec8dca6901-FRA
expires
Mon, 31 Oct 2022 23:49:06 GMT
toprepeat.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		120 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/toprepeat.gif
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6da0ca764e8868359ebf6451c2c650a06163d1112c9dc8378bf88ce5e486895

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:33 GMT
ETag
d20d7a1416d33c4bdaf9670564b58a40
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/gif
X-Timestamp
1376729552.28827
Cache-Control
public, max-age=29793367
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
X-Trans-Id
tx0c61f7a96eaf484c82824-005fe4b3afdfw1
Expires
Sun, 08 Oct 2023 19:45:13 GMT
search-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/search-icon.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51b5cb15f29ab4955072d1c18f479b57df59a8da4113b1d41d889a49b84a9e0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:28 GMT
ETag
77ebe1cb74c0ab78ffb356b4e990ef63
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729067.70369
Cache-Control
public, max-age=30039067
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4794
X-Trans-Id
tx9beb8d2c161541ff99f72-005fe4b3afdfw1
Expires
Wed, 11 Oct 2023 16:00:13 GMT
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=17084928&cs_it=b3&cv=3.8.0.210223&ns__t=1667000946642&ns_c=UTF-8&c7=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c9=
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:06 GMT
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
7p28ejHQiPO8Dvh19tl7GlEMOPKnwEl79VG3jiHjGF419PiO2vtvEA==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1643131713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ul=en-us&de=UTF-8&dt=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAACAAI~&jid=1066366296&gjid=1835648613&cid=991856031.1667000947&tid=UA-311943-2&_gid=2049919509.1667000947&_r=1&_slc=1&z=147816595
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.emuparadise.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.emuparadise.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
aIXlJ0wPOr6ijYaKlId8sQ.js
sc.tynt.com/script/sc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/aIXlJ0wPOr6ijYaKlId8sQ.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b03da6c9193013367a55a5d7abfe8d714b725ac4bd60afb3eec24b337028cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
387350
status
200 OK
x-xss-protection
1; mode=block
x-request-id
96d86529-f914-4660-80a6-628c75a7dce1
x-runtime
0.003073
x-content-digest
cf78f00141fc9981dfd698bef8a8d0eb1a22b41c
last-modified
Sat, 22 Oct 2022 14:04:18 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-ray
761790ecbe0e6901-FRA
x-rack-cache
fresh
expires
Sat, 22 Oct 2022 20:31:59 GMT
sic.js
cdn-sic.33across.com/1/javascripts/ 		442 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4d429b34a4864bd33d77d0b240f13c196d4cc84784b33cedf242292c00768eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Jul 2022 20:20:02 GMT
server
cloudflare
age
365975
etag
W/"62c89172-6e9b3"
x-powered-by
Love
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
761790ed1d099c0a-FRA
expires
Sat, 29 Oct 2022 00:49:06 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:06 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.45 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Jul 2022 20:20:02 GMT
server
cloudflare
age
578276
etag
W/"62c89172-1c90"
x-powered-by
Love
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
761790edadc49c0a-FRA
expires
Sat, 29 Oct 2022 00:49:06 GMT
ast.js
acdn.adnxs.com/ast/ Frame 7DD8 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
90352cd429fceb3b816c9418248ab076c32d27239cc9bdf453287b07c952fe93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Expires
Tue, 18 Oct 2022 12:32:40 GMT
Date
Fri, 28 Oct 2022 23:49:06 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
40566
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
32131
X-Served-By
cache-lga21942-LGA, cache-hhn4064-HHN
Last-Modified
Mon, 17 Oct 2022 12:28:46 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1667000947.872344,VS0,VE0
ETag
W/"634d4a7e-16e64"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
12, 11626
apstag.js
c.amazon-adsystem.com/aax2/ Frame 512D 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:39:35 GMT
content-encoding
gzip
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 19:24:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
572
x-amz-server-side-encryption
AES256
etag
W/"95738dd931cd70a132d12a456f44b79f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Yuw7klnpWO4NjMTBSM1AT7Ci4c0cBoeJLqvq_gI6QepoaQS4BxS9nA==
authorize
sic.33across.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&version=3.23.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.87%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&referrerURL=&publisherId=aIXlJ0wPOr6ijYaKlId8sQ&publisher=emuparadise.me&maxTouchPoints=0&navigatorPropsCount=62&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=1200&_=1667000946849&callback=_tynt_jp.a8961fikt
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
/ Love
Resource Hash
3cec72a3524be478381f26b0c1b5975435c93c322d1b6b17c55de515a035bb0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Love
etag
W/"634-1ZhH1oEZVVf8VR23YWxYOJVllEg"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/javascript; charset=utf-8
status
200 OK
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Authorization
tags.js
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame 0C67 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974f9ffb3f149633bffb217029cc4fb0cc1e40eeb2cc936054f55b98718e129b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14201
x-function
151
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
189
etag
361907809931094916
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
761790edf9b591f3-FRA
expires
Sat, 29 Oct 2022 00:49:06 GMT
smallpalm.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		204 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/smallpalm.gif
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ddccee94532e36265390e5c93503c8bc30525834a36ec19fd8aef385d3e842d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:31 GMT
ETag
0ce532e3d8ad76216db9cbc429e97689
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/gif
X-Timestamp
1376729550.70383
Cache-Control
public, max-age=29801557
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
204
X-Trans-Id
tx97e58f2471274c2888205-005fe4b3b0dfw1
Expires
Sun, 08 Oct 2023 22:01:43 GMT
tags.js
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame B475 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974f9ffb3f149633bffb217029cc4fb0cc1e40eeb2cc936054f55b98718e129b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14201
x-function
151
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
228
etag
361907809931094916
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
761790edf9b691f3-FRA
expires
Sat, 29 Oct 2022 00:49:06 GMT
heart.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/heart.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34a83b5deedbc6b2c2739d8189b62f5e9af1a46ebc75ec4e1b50a0a81c301f43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:21 GMT
ETag
056b237483e2aa9886ee508ee7d31516
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729060.07849
Cache-Control
public, max-age=29801557
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1767
X-Trans-Id
txc90230031f8b45b88b8b3-005fe4b3b0dfw1
Expires
Sun, 08 Oct 2023 22:01:43 GMT
tags.js
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame 1AF2 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
974f9ffb3f149633bffb217029cc4fb0cc1e40eeb2cc936054f55b98718e129b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14201
x-function
151
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
191
etag
361907809931094916
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
761790edf9ba91f3-FRA
expires
Sat, 29 Oct 2022 00:49:06 GMT
rotd1.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/rotd1.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9272deaba258052abfdca7f8a720c98f972e76dfbff62b73d8411c76c3e5088c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:24 GMT
ETag
3f52a8f58f072e8fe3f2c9d76dfb3b12
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729063.60991
Cache-Control
public, max-age=29793404
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2921
X-Trans-Id
tx89043a8c318e433195667-005fe4b3b0dfw1
Expires
Sun, 08 Oct 2023 19:45:50 GMT
ui-bg_flat_75_6b91a4_40x100.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		213 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ui-bg_flat_75_6b91a4_40x100.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9835a69ecb524330162090fbfdd3c070e4598540584312915b1bfe547e258717

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Unused62
8096267
Date
Fri, 28 Oct 2022 23:49:06 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:47 GMT
ETag
24cf03d9d2bc0538549d1237f451c2a5
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729086.72329
Cache-Control
public, max-age=30007133
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
213
X-Trans-Id
txd111b6f05bb04b61bf755-005fe8a8fcdfw1
Expires
Wed, 11 Oct 2023 07:07:59 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 512D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.108.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-108-49.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id
GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding
gzip
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
date
Fri, 28 Oct 2022 01:49:03 GMT
x-amz-cf-pop
FRA56-P5
age
79204
x-cache
Hit from cloudfront
last-modified
Fri, 21 Oct 2022 19:58:26 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Z6xZJzoI_w5J8Dl-2uoUf0Si3MoY3V08tQOoG_ufjbAIP6ZzGb9wGg==
v2
de.tynt.com/deb/ 		4 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=aIXlJ0wPOr6ijYaKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 28 Oct 2022 23:49:06 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
4
expires
Sat, 29 Oct 2022 23:49:07 GMT
v2
de.tynt.com/deb/ 		4 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=aIXlJ0wPOr6ijYaKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 28 Oct 2022 23:49:06 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-length
4
expires
Sat, 29 Oct 2022 23:49:07 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
displayAd.js
s.tribalfusion.com/ Frame 1AF2 		679 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7577927186
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
223316825e7244d2129aba66a172ce81af4263ea57a026e519b5b35bffad7366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
31
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
761790ef7a8d9b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
333
expires
Thu, 26 Jan 2023 23:49:07 GMT
displayAd.js
s.tribalfusion.com/ Frame 0C67 		677 B
878 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7577927186
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5e9bab22cec080e7cf0f3ea849dfb10f40e2002cbc5575a343832115e1a41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
416
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
761790ef7a8b9b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
330
expires
Thu, 26 Jan 2023 23:49:07 GMT
displayAd.js
s.tribalfusion.com/ Frame B475 		677 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7577927186
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
135e537700aeaa04b8bd2eb398bce126949d20024a9c4d8a9b2fb758510684fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Wed, 11 Aug 2021 04:08:51 GMT
server
cloudflare
x-reuse-index
412
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
761790ef7a919b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
330
expires
Thu, 26 Jan 2023 23:49:07 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B138 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22676883b88e293be6404e8fe60c0386be883ef7360ead856e1db3e3b69efbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27394
x-xss-protection
0
server
sffe
etag
"1377 / 114 of 1000 / last-modified: 1666994777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 28 Oct 2022 23:49:07 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
j.ad
s.tribalfusion.com/ Frame 1AF2 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7577927186&tagKey=1784569794&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&f=0&p=866515&tKey=aQmneMQmfF2HBy1WZbJmdZanSS38TQvyQL&a=1&adContainerId=richmedia_2&rnd=869191
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7711f39fa3b6bcbbd33905137586fd08e15c58ca5bf662e65ca7fc52dae12c29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
101
server
cloudflare
x-reuse-index
31
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
761790f08bb69b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4138
expires
0
j.ad
s.tribalfusion.com/ Frame 0C67 		832 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7577927186&tagKey=1784569794&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&f=0&p=866515&tKey=aKmneMXTQp5EYd5aj1nTjLUGJRTQvTld&a=3&adContainerId=richmedia_4&rnd=873438
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8b63b857c0a7c2fe467eabcfd331c657e3a9d69722f121b1d159a6925a3a344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
101
server
cloudflare
x-reuse-index
196
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
761790f08bb89b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
expires
0
j.ad
s.tribalfusion.com/ Frame B475 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7577927186&tagKey=1784569794&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&f=0&p=866515&tKey=a4mneMmbnLXVbYXcJ51GfoMdbbTQvUtV&a=5&adContainerId=richmedia_6&rnd=866031
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c1c92c91b9bcee08af4c8401aef46821042abf1ae49abfb06c82fcd66031973

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
101
server
cloudflare
x-reuse-index
506
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
761790f08bc39b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1842
expires
0
pubads_impl_2022102601.js
securepubads.g.doubleclick.net/gpt/ Frame B138 		378 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102601.js?cb=31070618
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f694ee2c9d59f662b923098dcd9fad758c1033f33d80ff72f992b8356bf527eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130414
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 08:37:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Oct 2023 15:54:36 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame B138 		209 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.emuparadise.me
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a2aca57e3d347627d9cb6804c33eedbc30a9943613f29c703d93b87aaa3470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132
x-xss-protection
0
expires
Fri, 28 Oct 2022 23:49:07 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B475 		122 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aac4ee0bce6764a93e0c10d9b025a783480343023e91b05806afd58454a6152d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40196
x-xss-protection
0
server
cafe
etag
6008069590244996094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 23:49:07 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 1AF2 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6371cf08b8bdb09d35f27143c1d00c8dadd93e29992a193fd9b3374e4d2fe1b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40199
x-xss-protection
0
server
cafe
etag
13086308343832939116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 23:49:07 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0C67 		122 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fbab7a147bbfdd59bd8048d6e61c7d52e6163df8189e6c01ebd635ea57e08c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40199
x-xss-protection
0
server
cafe
etag
4429434831376966774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 23:49:07 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ Frame B475 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d34f7099998f0f66e3af4ed82aa8ed9f331b503f50f3a18b1adc648cdbec6be3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118893
x-xss-protection
0
server
cafe
etag
5002601150888419640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 23:49:07 GMT
p.media
s.tribalfusion.com/ Frame 6EFC 		213 B
450 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=akmURgWUYYTtQ2nUYmPU7t1Enp3Eji5TYRoEZbHXUJfUdfQnAYLpGQrpW3C3EY73Wuy5P7ZcprnG0VnPYcF20cfonqbW3rYVTFvBUA3TQa3QQsZbrSdby0djtT6vp2GB5XrBJVmau4mYePPMC4HYp0tMAndix3mv04GYeVcQjWsMePPYoTHFPUrB23rZarUqroTTncPaYGQc7BPUInPt7iUVb52Fy4mWqOOQQyM8EGtFftpZc7CQl&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138a4038dfd7617ee98b0974a5d2e31f2b991c798f95a5d6a32d456000af8e46

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f21d719b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
498
p.media
s.tribalfusion.com/ Frame 911F 		309 B
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aAmURgTFfEUAv3RTr3QsvqStYO0WFoWP3p4cn0YrQDTPup5PM8R6ZbF3Hvq0WQAnHTm5mYQ3sveVsQdWcMeRmUnUHYTUU7Y5bTtUqQvWqnlQEBKSVZbZbQFisPHMiWcbU4binodyMXTyp2WbHSV7A4PrHoderVHfeYU3i1UB90qqtPbUZbTrBPVHYUnbbsRUjr1EMr4aZbd2TQQmqZbA1FUfWHMXoArans7wU8PGyBiexqiFnetjXO&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb1a5d81ec9fcfcee22126973280422a4c694734593b0a1c9c46a44ab39d831c

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f21d729b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
415
p.media
s.tribalfusion.com/ Frame F1BC 		242 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aCmURg5bEoUqroVTQiSarZaQVjKPUIxSHYiUGUP5byxmH6sYqXv4dUAPVBH4m3HoHPNTHJ90bMi1FBf0aqtRFYZcUr30VWUXorYqRUJNXaMy5EUi4EYPmEJH1rJfUtMRm6bLpGfuodMJ3qZbf5dao56FGnrUZb0VQYXVnTXG7nnEvT5UY2WbnBWmYYPEj2ScUsStjy0H7xTPUm2Vn30bZbDVmiw2PQZbPPMKxoqmxR6JWaAJnPygPO&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9ead6ed8f33ce75a675ff5efc38c0e8ac031e3e9167c5ed3da9d3952658f691

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f21d779b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
310
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/ Frame 1AF2 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4d6432a012111c5337920626d8e5255a095018c6de5eeff4f461a3559803916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118893
x-xss-protection
0
server
cafe
etag
16613343371243819961
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 23:49:07 GMT
p.media
s.tribalfusion.com/ Frame 263B 		381 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aomURgT6Mv4sY40FYZdV66p2PvbRmbH3WrOXHnZdmHAo5AUP4s36Vcv8VsJfRPUoUHZb5UbbX5bIwUarpVTJbQqQGSsZbLPbqoPHf9UVY55bXxmtqmXEmM3HjASGfZa4AJZboHTsVWYfXFMkYbYhXq6nRFrZbUUn0TdnTnFbvRUjNYTFs3TJa5E75nEBFXb3aWHbSoAQImsvvmtYK3aMf5HmN3AvGprv7Xsf0NDyYxDXuWWbbuerUtb&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed571604d58f2a1a3dac7e2052f2cbd32883dc744dc2fb72aa92ed8c521b6c55

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f23d959b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
309
p.media
s.tribalfusion.com/ Frame 72D0 		324 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aqmURgPHvcUVMW4FXsntus0qPN2trGPVZbZa26vIpHEyTtF8YbYa1Ufi1qAsRb3ZbUrJQVdQ5orFvRFjqYEFs5qFd4EM1mEnC1r3cWHBXn6QBnV7opHME3TUk5tiN5mvZanUfZc0G7XYGQV0svvpEjR3rv2VFBHUPYWQqQSScUMQdUOYtbuWAbM3GQXYbYZcVmqn2Pr7QPbJ4dMy0tnIpW2o36BY3snZdTVJjmDEjpUaxpaYcNgLkZaJ&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3afab7efc8fee38382f02191ccb3395fdbfabca82ef2ee313bc09dc80159b3a

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e039b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
32
p.media
s.tribalfusion.com/ Frame 056F 		275 B
497 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=asmURg1rZb9WHbSoPnInGnpmH3E2Evh2tIN3PJJmUvEXcMSXcr2XGJNmEZbU3UU2VbvZaWPv2REnSSsUtQtUO1WfxVAvw2cZb20UFZaVmPw5mrePmMF2dUs1dnZdpdAo5PBS5V76VcBlWGf8R6FwWtQQUUBP3binUaUwWaMjSTYFSGQIRravSd77VGrT2Umsodiq0qPw3WMZaSsFZd4PvZdmWXyVWQh0brLYbY9MBZbop6eEpV3exYAwmf&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb37809a5df0124fc543eac83f4bf3eed272c2970bb5d203326cc5d66d2e8b62

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e069b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
1035
p.media
s.tribalfusion.com/ Frame 1751 		259 B
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aumURg0UUJVmqm4mvgQArD4W3q1drZapWao3mnV4VngTG3aVcZbePPrMTtnVUrfP3FTwWarnTT3jSEYZdSVQIPUewRdMbWGfW2FeqodIOYTPp2tbGQG7F463ImdEyTdQ7XFba1UQ70E6MRUJFWFU5VWrWmr7oRFZbMXqnN3TZba4q7XoT7IXUU6THbPnAvZapGvnmHQA2qU85HAM56JZcpFbE0Gf01cYp0svnVnAQyPaUmGjrOZdW0I3&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06de5d588ad5e028c154624de6b205ffb2790a1a67675f504a3527ce7f247319

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e089b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
507
p.media
s.tribalfusion.com/ Frame 0D3F 		201 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=awmURg2Funodis0auN4tfGSGFA26MJot6yVH7aYFrkYrZbg1aEtPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a7XmqjLYUJ6UWnWoA7ZcpG3wpdQJ3TZbk3W6M4AJJprvEXsfPYGJ2XGnpnqj43bFTTUbCW63TPEUXSsrNPH7tYt7uVmbv4s3UYrZbZdUPXq56FbR6bB4Wrs1dYDpWin5AnQ3GjgVcJjUc7HR6FooCyRqm2YxcADxORhWK&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
709fcb2deac7d886038b7be1f592f8062c636c6b82a031dbcacdf611ec908b97

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e099b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
574
p.media
s.tribalfusion.com/ Frame 231D 		264 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aymVgFoAnLpGvrotbC2TMe5tIo4mrZbmb3E0VYUXGYV0cjumTJT5UrSWUFFWArTPajSQsUrStBtYd7oV6bv2VQVXrQKT66q2PFdR6BK3trO0HBImdiM5AQV3svfUcF7Usn8SPUwTtrQWrbY5UEuUabmVqJaSTQHSs7LQFunSHrkVGfP5bexmtqr0qmp2WbCSGZbC5mFZdpWiyTHZbhYrM7YFU61auqSbYZcWUBSTtJWmErmRUq1yPumuPAERWMfDZbQOl7&mediaDataID=5578346&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3cff97c4aa3504572aa56cfeb7230dc6edd5fc03974f871c30bff1d050ab00

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e0b9b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
413
p.media
s.tribalfusion.com/ Frame 2DD3 		302 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aNmURg2PU8R6bA2tvq1WvJpdem4PJR5cUgVsv8VG78RmQxTdrWWrZb52repWqvvVqBjQEYZbQVFARb6pRH7cWsr24byomtuo0q6y4dYZdPcZbZa46JIoWeqUtja0brkYbYf0EutPbBZdUrUSVHJ5obFtPrJNYErr3Ejd5TUPoTbIYbU9WH7Xn6fZapsMspt3E5EUg5tIt4m7FpFUHXcYR1VFVXGvnpTbx3bF2n6IBsFA3sHvgtVUgLZc&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f59cfcc1b35c43e335d7a8a9a294a49cafa0764fcadac0dcc41086c2c5985c2b

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e0d9b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
419
p.media
s.tribalfusion.com/ Frame 6D2F 		279 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aPmURg0qmv4dMHPcjD263ZcmdPrUd79YbQk1Ffi1EeMRF3ETUnYTtvXnbbmPU7NYaZbN5EZbi2arPoEbCYrU9Udj1m6rInVjsmH7G5En72WIN5PvJmFfZbXcbU1cYV0svxnqrT5UZb4VbbZcWm72RTn3QGnMQtbyYdBxWPQn4sYUXFZbJVmmw5mZbgPmBJ4dYoXWYLpdax4PY03G3fTGvbUVM8PPFoWdYuUFMPwAbtsnZammWUTviJ9PX&mediaDataID=9148826&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e52b122b83769eddb1485a99a19317624ac22323e76642099965dfd3711df4

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f29e139b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
417
p.media
s.tribalfusion.com/ Frame 07E1 		447 B
587 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aSmURg4dMFSGjG46MZcpHarVWbeYFM7Xb79XqEoSFUZbUrU0Wtv3or7qQFBrYEUy5q3c4qv0oTfK1bZb9UHMRm6vCncMpoWbK5EFk5tZaN46BGnbbLXsQTXsQYXGbnnavT3rJVTFvZaW6rTPqbYSsYnQWfr1tJnTm3m3GrW0UUDT6im2PQeQAMH3WUM1WMZbpdEv36vP4GrfVVvkWGZbgP6FoWdF3Wr7r3U2umQTstQectW3NusNHuJ&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636918a42a81e1a5237736d71ad20c1baf724f1d7559aea82a2d43554154515a

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
761790f2ae179b2e-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 28 Oct 2022 23:49:07 GMT
expires
0
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-function
102
x-reuse-index
507
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1667000946714&dn=RCIV&iso=0
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Tinley Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/biosfiles/bios.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 28 Oct 2022 23:49:07 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/ Frame 0C67 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccde52de4fc6f7c3cb71a70321e52e1f10dd063da28012953e54dc3dd0ccfb6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119027
x-xss-protection
0
server
cafe
etag
11268295438545494955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Oct 2022 23:49:07 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1AF2 		395 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8be7216f05ace831d67d8a1fb930d204b7d9a761e711c7c22ad4aba7c40f25df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 1AF2 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1AF2 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0E72 		73 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f9db780edcbc138495af6c37be4d0b67ca795563b3383c786a01f7beffbb9ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29737
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame B475 		395 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fdd010aaffdcbc848ea6d060d8f8af2a642256dcb5abc0757b62d471bb5d6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
253
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B475 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B475 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AB21 		90 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d435fffef9bd83f246b1b08272515490f61c33a0eeffe9543caaa089017b08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33440
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 6EFC
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662283319307903&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662283319307903&_origin=1&redir=true&verify=true
  • https://a.tribalfusion.com/i.match?p=b17&u=y-TjG9QkpE2uhXBLPFuEQlwubCK.BhUmk-~A
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b17&u=y-TjG9QkpE2uhXBLPFuEQlwubCK.BhUmk-~A
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=akmURgWUYYTtQ2nUYmPU7t1Enp3Eji5TYRoEZbHXUJfUdfQnAYLpGQrpW3C3EY73Wuy5P7ZcprnG0VnPYcF20cfonqbW3rYVTFvBUA3TQa3QQsZbrSdby0djtT6vp2GB5XrBJVmau4mYePPMC4HYp0tMAndix3mv04GYeVcQjWsMePPYoTHFPUrB23rZarUqroTTncPaYGQc7BPUInPt7iUVb52Fy4mWqOOQQyM8EGtFftpZc7CQl&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f3ae9591f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b17&u=y-TjG9QkpE2uhXBLPFuEQlwubCK.BhUmk-~A
date
Fri, 28 Oct 2022 23:49:07 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 911F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662283319307903&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662283319307903
0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662283319307903
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aAmURgTFfEUAv3RTr3QsvqStYO0WFoWP3p4cn0YrQDTPup5PM8R6ZbF3Hvq0WQAnHTm5mYQ3sveVsQdWcMeRmUnUHYTUU7Y5bTtUqQvWqnlQEBKSVZbZbQFisPHMiWcbU4binodyMXTyp2WbHSV7A4PrHoderVHfeYU3i1UB90qqtPbUZbTrBPVHYUnbbsRUjr1EMr4aZbd2TQQmqZbA1FUfWHMXoArans7wU8PGyBiexqiFnetjXO&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Server
188.65.124.66 Paris, France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-stz6r
date
Fri, 28 Oct 2022 23:49:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2336
content-type
text/html
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662283319307903
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f33e3791f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame F1BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662283319307903
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm=&google_sc=&google_ula=2786954&google_hm=18072662283319307903&google_tc=
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDtsYQvp0OSmmK4-_Rfrjug&google_cver=1&google_ula=2786954,0
43 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDtsYQvp0OSmmK4-_Rfrjug&google_cver=1&google_ula=2786954,0
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aCmURg5bEoUqroVTQiSarZaQVjKPUIxSHYiUGUP5byxmH6sYqXv4dUAPVBH4m3HoHPNTHJ90bMi1FBf0aqtRFYZcUr30VWUXorYqRUJNXaMy5EUi4EYPmEJH1rJfUtMRm6bLpGfuodMJ3qZbf5dao56FGnrUZb0VQYXVnTXG7nnEvT5UY2WbnBWmYYPEj2ScUsStjy0H7xTPUm2Vn30bZbDVmiw2PQZbPPMKxoqmxR6JWaAJnPygPO&mediaDataID=4056396&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f478149b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEDtsYQvp0OSmmK4-_Rfrjug&google_cver=1&google_ula=2786954,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0C67 		395 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90f988db82fc3588ef08ff3605b43b15364df1cbca95350c35c89dc4f6a55599
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 0C67 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0C67 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7099 		81 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c58bcfaf532347f2f3c778ffa84df1c61559100cb57bb5789c3801f57e0ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30715
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cm
us-u.openx.net/w/1.0/ Frame 263B 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aomURgT6Mv4sY40FYZdV66p2PvbRmbH3WrOXHnZdmHAo5AUP4s36Vcv8VsJfRPUoUHZb5UbbX5bIwUarpVTJbQqQGSsZbLPbqoPHf9UVY55bXxmtqmXEmM3HjASGfZa4AJZboHTsVWYfXFMkYbYhXq6nRFrZbUUn0TdnTnFbvRUjNYTFs3TJa5E75nEBFXb3aWHbSoAQImsvvmtYK3aMf5HmN3AvGprv7Xsf0NDyYxDXuWWbbuerUtb&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
i.match
a.tribalfusion.com/ Frame 056F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662283319307903&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662283319307903&C=1
  • https://a.tribalfusion.com/i.match?p=b20&u=Y1xqc2uj.juubyjF5-Oa9QAA
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b20&u=Y1xqc2uj.juubyjF5-Oa9QAA
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=asmURg1rZb9WHbSoPnInGnpmH3E2Evh2tIN3PJJmUvEXcMSXcr2XGJNmEZbU3UU2VbvZaWPv2REnSSsUtQtUO1WfxVAvw2cZb20UFZaVmPw5mrePmMF2dUs1dnZdpdAo5PBS5V76VcBlWGf8R6FwWtQQUUBP3binUaUwWaMjSTYFSGQIRravSd77VGrT2Umsodiq0qPw3WMZaSsFZd4PvZdmWXyVWQh0brLYbY9MBZbop6eEpV3exYAwmf&mediaDataID=6530936&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f42ee991f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Oct 2022 23:49:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://a.tribalfusion.com/i.match?p=b20&u=Y1xqc2uj.juubyjF5-Oa9QAA
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 72D0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662283319307903&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662283319307903&expires=180
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662283319307903&expires=180
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aqmURgPHvcUVMW4FXsntus0qPN2trGPVZbZa26vIpHEyTtF8YbYa1Ufi1qAsRb3ZbUrJQVdQ5orFvRFjqYEFs5qFd4EM1mEnC1r3cWHBXn6QBnV7opHME3TUk5tiN5mvZanUfZc0G7XYGQV0svvpEjR3rv2VFBHUPYWQqQSScUMQdUOYtbuWAbM3GQXYbYZcVmqn2Pr7QPbJ4dMy0tnIpW2o36BY3snZdTVJjmDEjpUaxpaYcNgLkZaJ&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
12
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662283319307903&expires=180
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f3eeb391f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 1751
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662283319307903&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aumURg0UUJVmqm4mvgQArD4W3q1drZapWao3mnV4VngTG3aVcZbePPrMTtnVUrfP3FTwWarnTT3jSEYZdSVQIPUewRdMbWGfW2FeqodIOYTPp2tbGQG7F463ImdEyTdQ7XFba1UQ70E6MRUJFWFU5VWrWmr7oRFZbMXqnN3TZba4q7XoT7IXUU6THbPnAvZapGvnmHQA2qU85HAM56JZcpFbE0Gf01cYp0svnVnAQyPaUmGjrOZdW0I3&mediaDataID=2713736&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f538f19b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID
date
Fri, 28 Oct 2022 23:49:08 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
i.match
a.tribalfusion.com/ Frame 0D3F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662283319307903
  • https://a.tribalfusion.com/i.match?p=b23&u=217403104318004077117
43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b23&u=217403104318004077117
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=awmURg2Funodis0auN4tfGSGFA26MJot6yVH7aYFrkYrZbg1aEtPbvCTFrXVt3WmUYvPFjs1EQN3EZbk4a7XmqjLYUJ6UWnWoA7ZcpG3wpdQJ3TZbk3W6M4AJJprvEXsfPYGJ2XGnpnqj43bFTTUbCW63TPEUXSsrNPH7tYt7uVmbv4s3UYrZbZdUPXq56FbR6bB4Wrs1dYDpWin5AnQ3GjgVcJjUc7HR6FooCyRqm2YxcADxORhWK&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f42eea91f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:07 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://a.tribalfusion.com/i.match?p=b23&u=217403104318004077117
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
usermatch.gif
beacon.krxd.net/ Frame 2DD3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662283319307903&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662283319307903
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662283319307903
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aNmURg2PU8R6bA2tvq1WvJpdem4PJR5cUgVsv8VG78RmQxTdrWWrZb52repWqvvVqBjQEYZbQVFARb6pRH7cWsr24byomtuo0q6y4dYZdPcZbZa46JIoWeqUtja0brkYbYf0EutPbBZdUrUSVHJ5obFtPrJNYErr3Ejd5TUPoTbIYbU9WH7Xn6fZapsMspt3E5EUg5tIt4m7FpFUHXcYR1VFVXGvnpTbx3bF2n6IBsFA3sHvgtVUgLZc&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Server
18.202.59.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-59-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
beacon-n013-dub-prod.krxd.net
date
Fri, 28 Oct 2022 23:49:08 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1667000948
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
713
content-type
text/html
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662283319307903
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f3eeb891f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 6D2F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=1ce481b8-571b-11e...
  • https://a.tribalfusion.com/i.match?p=b19&u=1ce4813b-571b-11ed-86b0-19da87bf0406
43 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b19&u=1ce4813b-571b-11ed-86b0-19da87bf0406
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aPmURg0qmv4dMHPcjD263ZcmdPrUd79YbQk1Ffi1EeMRF3ETUnYTtvXnbbmPU7NYaZbN5EZbi2arPoEbCYrU9Udj1m6rInVjsmH7G5En72WIN5PvJmFfZbXcbU1cYV0svxnqrT5UZb4VbbZcWm72RTn3QGnMQtbyYdBxWPQn4sYUXFZbJVmmw5mZbgPmBJ4dYoXWYLpdax4PY03G3fTGvbUVM8PPFoWdYuUFMPwAbtsnZammWUTviJ9PX&mediaDataID=9148826&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f478129b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 28 Oct 2022 23:49:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Location
https://a.tribalfusion.com/i.match?p=b19&u=1ce4813b-571b-11ed-86b0-19da87bf0406
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
102
Connection
keep-alive
Content-Length
43
i.match
a.tribalfusion.com/ Frame 07E1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622833...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622833...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662283319307903&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=7F2DFD46-4F32-48E2-BEA8-A746F5193486
43 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=7F2DFD46-4F32-48E2-BEA8-A746F5193486
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aSmURg4dMFSGjG46MZcpHarVWbeYFM7Xb79XqEoSFUZbUrU0Wtv3or7qQFBrYEUy5q3c4qv0oTfK1bZb9UHMRm6vCncMpoWbK5EFk5tZaN46BGnbbLXsQTXsQYXGbnnavT3rJVTFvZaW6rTPqbYSsYnQWfr1tJnTm3m3GrW0UUDT6im2PQeQAMH3WUM1WMZbpdEv36vP4GrfVVvkWGZbgP6FoWdF3Wr7r3U2umQTstQectW3NusNHuJ&mediaDataID=6719746&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f4c86d9b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://a.tribalfusion.com/i.match?p=b11&u=7F2DFD46-4F32-48E2-BEA8-A746F5193486
date
Fri, 28 Oct 2022 23:49:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame 231D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662283319307903&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D
  • https://a.tribalfusion.com/i.match?p=b13&u=62143095164925549483668007840757056425
43 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b13&u=62143095164925549483668007840757056425
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aymVgFoAnLpGvrotbC2TMe5tIo4mrZbmb3E0VYUXGYV0cjumTJT5UrSWUFFWArTPajSQsUrStBtYd7oV6bv2VQVXrQKT66q2PFdR6BK3trO0HBImdiM5AQV3svfUcF7Usn8SPUwTtrQWrbY5UEuUabmVqJaSTQHSs7LQFunSHrkVGfP5bexmtqr0qmp2WbCSGZbC5mFZdpWiyTHZbhYrM7YFU61auqSbYZcWUBSTtJWmErmRUq1yPumuPAERWMfDZbQOl7&mediaDataID=5578346&mediaName=frame.html
Protocol
H3
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:08 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
761790f4f89e9b2e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v045-08c859e6d.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
55WkVAwTTMY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://a.tribalfusion.com/i.match?p=b13&u=62143095164925549483668007840757056425
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame AB21 		2 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:28:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
19267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:28:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame AB21 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
28721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 15:50:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame AB21 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
42673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame AB21 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
19608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AB21 		153 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Oct 2022 23:49:08 GMT
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame AB21 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 14:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13940
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 21:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 14:36:43 GMT
css
fonts.googleapis.com/ Frame 7099 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 23:19:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Oct 2022 23:49:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7099 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:28:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
19267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:28:01 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 7099 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
28721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 15:50:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7099 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
42673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 7099 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
19608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7099 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Oct 2022 23:49:08 GMT
6d06f43d9219529f87f676616f1c0e3b.js
www.gstatic.com/mysidia/ Frame 7099 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d06f43d9219529f87f676616f1c0e3b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 14:36:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13940
x-xss-protection
0
last-modified
Mon, 24 Oct 2022 21:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 26 Jan 2023 14:36:43 GMT
14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 0E72 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 00:06:09 GMT
x-content-type-options
nosniff
age
603779
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46612
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 09:20:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 22 Oct 2023 00:06:09 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/ Frame 0E72 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 15:50:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
28721
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9268
x-xss-protection
0
server
cafe
etag
17746901142539384344
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 15:50:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0E72 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
42673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 11:57:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0E72 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
19608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7367
x-xss-protection
0
server
cafe
etag
4759548068123418343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E72 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47996
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666856053429787"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Oct 2022 23:49:08 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 0E72 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 18:22:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
19608
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13448
x-xss-protection
0
server
cafe
etag
5057659360189610740
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Nov 2022 18:22:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AB21 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSpTWc2pcY_TuLPO-9u8Pk_isoAT6qcLIbO_ghcaCEdrZHhABIKrtxkJglfKugrgHoAHNhZPzAsgBAagDAcgDywSqBNYBT9BHO7o3MrT7knPvFT53fm_1RrjEjfplvc9o4EyzgyQLTGoqArHPqnRdDeOTu9fsHt-hy5eZmXW74bK516jFgCvVO1HpbvpFPUaRggRzEDqh0yoNo8vPCE09FVt7ET09rq3KjB4ikGTyL-iKpyqQdwxRxy4jRZ_OolJldyrvYpsMsA_vYoktFU8ViNCmqoe5ufVPRIRGja7fq8fJjkNRevVrfA9_VaYcjBSZXKYtj62bS93pQ1hOEqCXVaqBNqq2JrOysP77l7o09vK5LPQmKt5R4YBIu8AE5_Ln7_MDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB8WirJkDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQuY8C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItODM0OTM5NzMxMzY3NjM4NRgA&sigh=dcxiK-TOL88&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Oct 2022 23:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
601425180373907471
tpc.googlesyndication.com/daca_images/simgad/ Frame AB21 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/601425180373907471?w=180&h=360
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c15eb768b09d4f87a268b10562ce7b981e4b9b90404fe6e08373d45836ad2e31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 06:20:19 GMT
x-content-type-options
nosniff
age
408529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13112
x-xss-protection
0
last-modified
Sun, 16 Oct 2022 19:51:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 31 Oct 2022 06:20:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7099 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmzWSc2pcY4GjLtS89u8PytOp2AjFsuiUbY__1ajAENrZHhABIKrtxkJglfKugrgHoAGP9vn2A8gBAagDAcgDywSqBNYBT9AR79ePf04NXoAQ5SbPsMZI3whzGWzQCsWZ_hPxzwxAD72y3HMG3h7m2jtZUynKs-wRD-oYNnX7htnX4kgXteruYopshpZ-4vRifHcFDU4wAV4aYLgs_li9IFFwElQ28yrN0r2zhGNbf8q8-Hg-u4wB-KDvDH3idTsWtgURIWnGDssdKXP7MLQo7s8hnQV1qORlKFvGOAtIJW3JN6dqXY4PGqiUz6gyEfs6wRL4QP_K6CegqJKIDa7WdYfKWGe30IiQSXYrDTcQym7apNH64jTXHZEGF8AEldGD4pMEkgUECAQYAZIFBAgFGASAB8TL32KoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCL3AjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi04MzQ5Mzk3MzEzNjc2Mzg1GAA&sigh=1RwqwEhDK4Q&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Oct 2022 23:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CnYXpc2pcY8WTLIDW7_UP5oWvwAvZibzrbISry5yjEI6F6KqUDhABIKrtxkJglfKugrgHoAGcr_uoAsgBAqgDAcgDyQSqBPMBT9DzNcVcG_omTyCf1UJvMt9WfzSkTUNPN6gv7Q0p7IUEdsWhcR1iLaJVPF0YSpKxWmsL5OfS54amNswLlAaW4hnyqiYD1pTCuinghjgp0Mqznvyytfey7QqMnvec-7u_Hb_Btt09Q13LPDajCE7oHBB4LEMMuOc5f9Bpnlq6PM9EdSJjkA-iEClI9I7LGfbS2u0J-yCYyJXtjPRcLAhLRHbmsIviDDcUhy2S1lCW-UBlqz-IDcYmQc1Z8dLTDr3Gk3nW-EeZb-Sw9QKQ21kemuE2DqWJn98dGRof8Xj3zrPGWdEp0slgcZgb7ayku8V-PzMRwASum5DDjASSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD01SnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MzQ5Mzk3MzEzNjc2Mzg1GAA&sigh=hdWaNdGVFYo&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 28 Oct 2022 23:49:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0B0F 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:15:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 30FD 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2026
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:15:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7099 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a2c44a10d33ce16e83157e7cd6c00171c973b51d8349a3539d31291380722eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame AB21 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b22dd0f1da8edbc49fd2d3ade6f4a89825732d0df78bc59fe918250a16bd13

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0E72 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79eedb4dedc46a451e83046ca0edfaefbc6c5cba2b45bc2a1a73d47229835421

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame B475 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a981dbbf86d38cc1cf6ab3ecfb677e11dc525f648323ecde33167024efe76ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11069
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0B0F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 30FD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7099 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 22:13:37 GMT
x-content-type-options
nosniff
age
351331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 22:13:37 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 3DB2 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1181575348&adf=1923364422&pi=t.ma~as.1751198753&w=160&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947526&bpp=11&bdt=667&idt=153&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1115569118&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=276&ady=503&biw=1600&bih=1200&isw=160&ish=600&ifk=2515432399&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44775016&oid=2&pvsid=1052251170712819&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.gm5w1j5i41ja&fsb=1&dtd=166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:21:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B475 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Oct 2022 23:49:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 438E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12594
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 20:19:14 GMT
expires
Sat, 28 Oct 2023 20:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A747 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03ec0f29d03a4c5c3f9df21096251d2458df5e9ccd316f575d9112ab6355e308
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b-R3ppQ_DbN2MP02jWaLsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-b-R3ppQ_DbN2MP02jWaLsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 438E 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:21:04 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A747 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=1052251170712819&rc=
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 438E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?AZbTTg
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/biosfiles/bios.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0C67 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3196a5a13e9cb2bd0014fc8960913388f48babdab2b9e35dae0ff19a8d432009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11263
x-xss-protection
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 95D4 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045945892&adf=2638734760&pi=t.ma~as.4844265957&w=728&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947626&bpp=10&bdt=775&idt=101&shv=r20221026&mjsv=m202210260101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=1&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=1414900580&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=1996258855&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070591%2C44774292%2C44775016%2C44776450&oid=2&pvsid=305668297579728&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xyx10969wmyg&fsb=1&dtd=114
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:21:04 GMT
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 1700 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&lmt=1667000947&url=https%3A%2F%2Fwww.emuparadise.me%2Fbiosfiles%2Fbios.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667000947546&bpp=9&bdt=675&idt=105&shv=r20221026&mjsv=m202210250101&ptt=5&saldr=sa&correlator=4795295021170&frm=23&ife=1&pv=2&ga_vid=991856031.1667000947&ga_sid=1667000948&ga_hid=181595690&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=287&biw=1600&bih=1200&isw=300&ish=250&ifk=1690533163&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C31070590%2C44775017&oid=2&pvsid=472105881715648&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vk0nj8bv4j5k&fsb=1&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:21:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0C67 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Oct 2022 23:49:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9231 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12594
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 20:19:14 GMT
expires
Sat, 28 Oct 2023 20:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 16B7 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
930f5e73a16f389f7a7b75bb46f58572ad12dc5a9945af6138607eba3ed72f03
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pv8H8N-NHXL7ctW_cyHYsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-pv8H8N-NHXL7ctW_cyHYsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1AF2 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2383b74dd4788681c85fb6f556fb27d9d5ea020d75a34ff2830fc6207c7ce92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11367
x-xss-protection
0
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame 9231 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:21:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1AF2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&bust=31070590
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 28 Oct 2022 23:49:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 16B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=305668297579728&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB07 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
12594
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 20:19:14 GMT
expires
Sat, 28 Oct 2023 20:19:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 787F 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f13c3a061e6dfbdea71dd8a0ec971ae1cdab663be55d3959a38b1c670662c6b0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QSnKcKfqEzR8Q7jMh5MH9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.emuparadise.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-QSnKcKfqEzR8Q7jMh5MH9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 28 Oct 2022 23:49:08 GMT
expires
Fri, 28 Oct 2022 23:49:08 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 9231 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ScVQLg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 787F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=472105881715648&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
pagead2.googlesyndication.com/bg/ Frame FB07 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nOAuMeOBpF9evwNFXVQkLuXNj92N0OJ7uU_f3Vfdro8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 10:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Oct 2023 18:21:04 GMT
generate_204
tpc.googlesyndication.com/ Frame FB07 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?El0Xrw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 23:49:08 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame B475 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=1052251170712819&bg=!Tk2lTQnNAAZPh4lnb4c7ACkAdvg8WmvE531jJDoj9dQdZceLNL0x6RUB7NCMFO_Gsbqs52wPDlf4jwIAAABPUgAAAAxoAQeZAraImsxC-RBOTyGid_QJ5gZUDnz4d4VAzHOrnJyvrXHjRUoab2rrqSSoRv96-Jj55Xy_XDXZFSjDwv-1sNnOnbjFgZSvfcJQ3goXRZTTnGdIvocYtF6p3jhtPlX84Ieff_W2tiAV1Ly1KJreTD-dUg3xZ1cR_BDR5sufi34yrL_GLXC2AMAF-hJEtXnmtOlYf_WY70iAr-C8jCHNZ8XOMoMAxeScWVStrCajjSSHkulheTEt7Lpe1C_FmlPDMGG82CRg3IYnz6S0qlLywycrxoO_64TP5sP_vKCjC9Xsei8CdHDQWXMvHZvLWbOKss2l1CuzS05msYsJnuQSb4MBsf5CXvnpASB8kT-jIz6uQE_ZYuo2MJnX2pEf0LYo_NpmAUaOva2hDChSOXhLCgRMTXkbPgQwjE77tFpg2Bp4MaSkJVmMO4KqrSVwSFyGN6nCvrInuzIFMiJHW-dIN7EoH4rSXI76CxlzSVv0q5-PRz5kuMfIi7VS_Z_bats5TRtMSK4ctpfUGLOFt3dPvHy5hqrXw9-HeGltkDAgfoIchtrBtQIg-xTpsgJXLPEIKxPq-0ap0l5UQJG58Wo0PYsAOM0QXsr800kKVO6Gk88GXGEkzyhtew2JsooZYthO4mYGsBYDsAyqhYNVDr5sq9i2lAsyw68LZ5tFzYvlkm93q6q6GPcLp5OGH8XsY584vvGbLPekKoAK1imWks-ouh_phskN2pjYxkQyg0VaQf0usYuW7XlUhyzisg_wGxL_6osViL3C1voABNlhxZU3vCUsrTxB_kVjc88o6R6H-HLaq-7iuLKT6Ts0VQR3SnS5lqOlnHWoxT8sA9fbZkSKzIlORN8d8gomMOj47rK6rpIobI53_2-NfW3qpZtC2foS2rZWNJMAlEVDRLCR3oVMPUNzm5kaZlFm1Vwi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0E72 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-SDjr7P-NPIDGOSFTMWNbxbNEnVEsqlnHBDofziV4kvevW-Dayic3C5ia_PoVGapVaJbng70P-2YNRvENIvrdu73CVuwL2tTgFR-8ya-znlxN4WfnGwYO8xBzMIfbHQYMJ7WfFw&sai=AMfl-YSgChHPovN307L1b-JBbk2l7eJ-XnDB56wPVwzNOBHjUGZTe0P7Lix0VPqI_EEcqLXEwaOB0dNHHi1ce6Q&sig=Cg0ArKJSzHIbeIarT3PWEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1624002602&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667000947668&rpt=673&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AB21 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXcxOWZ8mCQ3YX3N0Un_LyWbphGDfNoeNbwIq_Kv-TzS-1ifo18lkrU4xG8oHqZZGP77mugVwpkeHCAy0JkU0E1gGdZ8f_Ar5Eh4tvlz51RsWXQV0K-0R8WrllKNmLOKf9EpM3iA&sai=AMfl-YTSwBvze7JaBJ1VsxZ0ESCNKNLaLWVRMNQuc_SsxqhLZag7PMctz1Pcp0MworX1HexVbenyCIwWqnPhSPk&sig=Cg0ArKJSzItOc6eq_9_rEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1181575348&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667000947693&rpt=668&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0C67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=305668297579728&bg=!GRqlGl7NAAZPh4lnb4c7ACkAdvg8Wv2vktiNVGRZcrKu5dEZY4th6WRNXaF08T5kUjs-JKcBHHABaQIAAABmUgAAAAhoAQcKAJvi0cKMaAJX2zeQPe3PIFA4J7tlOecyrSrXaEhDm3Ac0-33lluKftIcDDX-v84ar_BWcjg_O_tss4nbI-X61yUZC2zKDYuaUsUNqDp3iJv3qxf8p9VGgJJvBhyVnNCXMnBcUYYpKRy9XzNJdmQD57UzW2MUsczV1oKqwvm-bkhBH-2GWJ8lapSjoUJSsakLbGgHPXRHkN7ULhPHzZkCtmvY2pYlX8fLXr0Z6W1t3oqQ-dtz_02xo8yn4BJUVxxgocayrZbiYrkexSca-ovZOkvr8z5Fw3mXSp--4f887bdfKIzyD_S9OXju88X0csOikq8gZr9UdQRlOZZVQQ1Iivh31ie-OjQP6bUtgpabbOMwnyQ7Ja1NK1z1tbJxsoW09Xhs_IQ0K9gRZk0hRuQG1ABmG3XR-6D_S-89bFX03jegf3k0nnbxdnvtztqzi6RSuOz4zafz-apzE-o3N_ko8FD4wH-k3C-sKjcD2tsQdYgbiO6SRG6pX_RM5RCw7CNCn_iPeSsSrk7mwFqvSJH74VTUOBzwHTiiFIHPzU1bzbgY-YkZMGdrBKeJfPkfvjXwr_QkRQsVEOQGNee6YKaN6WzFmT1YfrRinR0yNDChdyz4k3tVDug0HaKQLS-StBW1x_oG-DWGPtgMrioQwvIFVjdXzzMz6x0Ixuz-tb1kuvhNxlsJMhZSk8Zl1n4JDJ5XLlXh6q7TxO5F6g6FfCvFhVJxAqcsIbLWCyGlX4Ats9r-N1pfF-S9l50KIzzL_5BoOS4eOfQPArEV2LEJNua9m6HvT7kCIJDs0Z-irakPK9uAXybm8xnewqOh6eAdNU9i50aMA4Ney8-ziwzJcO4rpYjINIe6cwZF-g_hG8vmkDEFBiLQj__vUYr1yINRjni_eQKp4WEVi-FPTtIuqkscnsqngCeFqcMRtcsV97FquC7Z-KBViPM7r8bakvBOLhPXALJL1b9jkmvi_Iq52kdA-hLV4cjr4HGXokHr53M_VI9ViXvuKdZYYwl66EwgeesobCBJht3qGD_btzOvcoswks71WB3ytKq8XceQqZ3_lgdOW1kO_s9rXdINfm7iCxc3FaE5TD77afbFl1zrfJFwIx2pnZYxHvjr-73iZoeIXRHW4uZz44E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 1AF2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=472105881715648&bg=!8_Cl8LTNAAZPh4lnb4c7ACkAdvg8Whl1gisEBDdCA4gsDs1cwXg-JP-G2Fz80j5N0RG7fuql01K-ogIAAABMUgAAAAVoAQeZAsMcpJm47XBuRQ2lnM2EFy2W4kG-_G9l9bKlJrlYlJbbVrXIJeOl-XD53k9Pck9WRx_mBLYL1OHhG2eDpfclf8kr29S7ScQqqORUV83cqUtYSrTU4fmsWP1XNJoWf_4rw3QucG0Hr8Hn5sS3GVFH71g2SvXbis-FW_7lRfmFsHj7IHPtK89YoTUgjhSGeVpGIJgt4T1HNSVEp6go4aWKCANmk9UJk7gX-KK-h_HH61p3azABC_FB2AYz1bShYbF9yrm25halZLDF_H3cjzycjUwFkgl48-O50msFBG2SGPmnm3rbcqWiYRMSKZPX9SLELYkIfwm93IAwYo6AdW61jt5YeDXOm54_CL5SYGOaKMjxwLXAL7WfQawsJ3xYTTayWn_vFlKzxMrQFlfI9XXPKK5WpXMCPALz1C_VDD-QIBTXA24cIx7HzT6cbBqz-fmh7olI2b8ZpmVS51H6F5cHSmu-hINQqmgYjNvTVahCICeuHaukO4TWdyFyt9FejQZ441U4CE5pEHvpblmWUtupyYbWTKmI4bOHElOjh_974owoRy6hQ55-EkIqmwUXlBJRZmiFWqLM5aPQJF0fLRvKgmCj2u0k3XphA5x16H1CgtcYDnnrGfiNNTvSGok41RjBz2FfiY70hdA7w0EHi51_zl162QRSs4To74aNkHS_S3wUbIYf73Jr9j742ZomY8G4pKHiGNB-JUHiGVd09eXVuBImRnC2epAsR7EHytBLKs42yr6n4rLX_LazjkbVc8cmWET1yiTBV_z8Hkbg2LqizZxLJF8dB13gb1F8Hz5wPqKNwjR_DnYKl5MeVbWHChHNPOAb0GADM85d9kYuYo2PfK6zZwqWCYdCeaCHXlPUM9pKmr2GopGKkJX3S4PuDttFsITABKmr_yL-hob13CxR-NUSucgaZx3Tr3CaJKhlD5F7VG0j7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 7099 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumLogQrqu5Lr9TGFJX7NqyL8g7_WTFSWZ0KoqQ9TUI0Gbt7NfIa0vAZa6zskdYmCB05wiVK95506-iPuFa4MxURB6mHYRw3mHwjUF_9ZmbB2JqHnwhX91tmiqQXQu6t1stgo1r6w&sai=AMfl-YRFzS-x_g869QsFnQ5S4xjd_NJM_6iehwVA0-FSjyZshycsMgqYtii50gZkqq9_LJmBucL61QZzc7Q3xao&sig=Cg0ArKJSzKr_orYMHsKuEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3045945892&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667000947742&rpt=924&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Oct 2022 23:49:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.po.st
URL
https://i.po.st/static/v4/post-widget.js

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| is_mobile_domain string| os string| key string| bookmark_snippet object| msgs function| DetectReferrer function| findMatch function| is_Push object| _comscore string| post_src function| Swipe string| GoogleAnalyticsObject function| ga object| Tynt undefined| adsStart undefined| TIMEOUT object| googletag undefined| pbjs undefined| adUnits undefined| a9Slots undefined| a9BidsBack undefined| tableBreakSize undefined| mobileBreakSize undefined| device undefined| dfpNetwork undefined| len undefined| detectWidth undefined| initAdServer boolean| hb number| header_bidding_allocation undefined| displayOnDevices object| e9 object| COMSCORE function| udm_ object| ns_p object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _33Across function| __uspapi object| _tynt_jp number| Yb function| JsMutationObserver object| TyntRT object| TyntSIC object| e9Loader object| e9Manager undefined| e9AdSlots object| e9ObjectMap object| e9WaitingSlotsQueue function| getRealTagsScript function| getCurrentTagsScript function| createSameDomainIframeTag function| writeContentInIframe function| getFrameID function| getDivID function| createAndWriteContentInIframe function| processMultiTagsRequest function| processSingleTagsRequest function| canAsyncFrameBeDrawn function| getMaxSize object| jQuery1720574967349379147 object| e9PageData number| _tynt_gpt_iframe_id object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients

25 Cookies

Domain/Path Name / Value
.emuparadise.me/ Name: _ga
Value: GA1.2.991856031.1667000947
.emuparadise.me/ Name: _gid
Value: GA1.2.2049919509.1667000947
.emuparadise.me/ Name: _gat
Value: 1
sic.33across.com/ Name: JSESSIONID
Value: dsic-006-chi~1wfw5r68-jfq4difh-hm7uvxts-hobamv7t
.emuparadise.me/ Name: __gads
Value: ID=c92f3145365fa417-2278e3945ece008d:T=1667000947:RT=1667000947:S=ALNI_MZE1zresRDAnqxiLIktj60N0-H2pQ
.emuparadise.me/ Name: __gpi
Value: UID=00000b799a11383b:T=1667000947:RT=1667000947:S=ALNI_MYVwMEYY6ElO5Upf7X2REWPJR-wOw
.yahoo.com/ Name: A3
Value: d=AQABBHNqXGMCELL29gCwyaUcF4tXhEzpv5UFEgEBAQG7XWNmYwAAAAAA_eMAAA&S=AQAAAg0GUhY_x5utsYcWQexQiCI
.analytics.yahoo.com/ Name: IDSYNC
Value: 18gs~27zb
.casalemedia.com/ Name: CMID
Value: Y1xqc2uj.juubyjF5-Oa9QAA
.casalemedia.com/ Name: CMPS
Value: 5136
.casalemedia.com/ Name: CMPRO
Value: 5136
.agkn.com/ Name: ab
Value: 0001%3AW7uppEXqeZxA%2FS86UjOa1MmuouTVIGEc
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.spotxchange.com/ Name: audience
Value: 1ce4813b-571b-11ed-86b0-19da87bf0406
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7F2DFD46-4F32-48E2-BEA8-A746F5193486
.doubleclick.net/ Name: IDE
Value: AHWqTUnCj-4X8t7JYOAlqEVovesdgbTySNoisHttorHKVDtIeB_GjG64Df5OdskcOWQ
.demdex.net/ Name: demdex
Value: 62143095164925549483668007840757056425
.pubmatic.com/ Name: KRTBCOOKIE_1051
Value: 22884-18072662283319307903
.pubmatic.com/ Name: PugT
Value: 1667000946
.dpm.demdex.net/ Name: dpm
Value: 62143095164925549483668007840757056425
.bluekai.com/ Name: bku
Value: CH999cB3Usw4zhyz
.bluekai.com/ Name: bkpa
Value: KJy9qQYHd02pSUHknpx01MAdSVx21EQyBp/tBM/0me1p1EAp1ez81e1ZzZPASU/2ScH6zc1k16Wk1ARk1AjCn7H0SVJCqsjNztkFqi8Mqt6k1AjonZNC5sBGJEBszYDpHs/pJE/t5uDpHYD0Ba2YuN2PPDkW9yexGCdt
.krxd.net/ Name: _kuid_
Value: PKnTdS2h
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tribalfusion.com/ Name: ANON_ID
Value: aknvnutlixe8qyTAZbGau9YDnvB0aIVo5ZdNktbPJGK9YcrhgCpoTAjnqus00FrxfXF26p3ZbmRfXGmZa54Zds2ZcxuBgnM9AbBH0slKKS9VJyGkWG

1 Console Messages

Source Level URL
Text
network error URL: https://i.po.st/static/v4/post-widget.js#publisherKey=v0lna7b23naojn1kqqtn
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
beacon.krxd.net
c.amazon-adsystem.com
cdn-sic.33across.com
cdn.tynt.com
cm.g.doubleclick.net
de.tynt.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.po.st
ic.tynt.com
image6.pubmatic.com
m.emuparadise.me
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
s.tribalfusion.com
sb.scorecardresearch.com
sc.tynt.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.emuparadise.me
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
i.po.st
104.18.18.39
104.18.22.45
13.32.121.17
142.250.184.226
151.101.1.108
151.101.2.109
151.101.66.109
18.202.59.106
18.66.108.49
185.64.189.110
185.64.189.115
185.80.39.216
185.94.180.126
188.65.124.66
2.18.232.236
23.35.236.143
2606:4700::6812:18ad
2606:4700::6812:cdb
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
3.120.204.36
3.126.56.137
35.244.159.8
54.155.40.229
67.202.105.21
67.202.105.31
67.202.105.33
69.173.144.138
03ec0f29d03a4c5c3f9df21096251d2458df5e9ccd316f575d9112ab6355e308
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06de5d588ad5e028c154624de6b205ffb2790a1a67675f504a3527ce7f247319
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0d6d87d86843ed0bc023cba55f7d1d2078ea087f968c8dc3e1cf65d59e26560b
135e537700aeaa04b8bd2eb398bce126949d20024a9c4d8a9b2fb758510684fa
138a4038dfd7617ee98b0974a5d2e31f2b991c798f95a5d6a32d456000af8e46
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
17c4785eb6887b954551df9ffb7c8fd6241a8d7a7a40655bc116ca1fe5c4352f
17c58bcfaf532347f2f3c778ffa84df1c61559100cb57bb5789c3801f57e0ec0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19d9403b8b5963aaeae98991373ef1f4ec9ed98d649be55e657db8e1302578bc
223316825e7244d2129aba66a172ce81af4263ea57a026e519b5b35bffad7366
22676883b88e293be6404e8fe60c0386be883ef7360ead856e1db3e3b69efbe6
2383b74dd4788681c85fb6f556fb27d9d5ea020d75a34ff2830fc6207c7ce92d
23d435fffef9bd83f246b1b08272515490f61c33a0eeffe9543caaa089017b08
3196a5a13e9cb2bd0014fc8960913388f48babdab2b9e35dae0ff19a8d432009
34a83b5deedbc6b2c2739d8189b62f5e9af1a46ebc75ec4e1b50a0a81c301f43
3c3cff97c4aa3504572aa56cfeb7230dc6edd5fc03974f871c30bff1d050ab00
3cec72a3524be478381f26b0c1b5975435c93c322d1b6b17c55de515a035bb0d
3fbab7a147bbfdd59bd8048d6e61c7d52e6163df8189e6c01ebd635ea57e08c9
41b22dd0f1da8edbc49fd2d3ade6f4a89825732d0df78bc59fe918250a16bd13
432c736872d32e23225a118a9ee55f26126de76a49be04adbf2ddba534bb717d
45a2aca57e3d347627d9cb6804c33eedbc30a9943613f29c703d93b87aaa3470
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bb12d70c666a520e92ce5323623ef456da29d874de55b2900f6938b860ce458
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4d429b34a4864bd33d77d0b240f13c196d4cc84784b33cedf242292c00768eb4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9db780edcbc138495af6c37be4d0b67ca795563b3383c786a01f7beffbb9ce
51b5cb15f29ab4955072d1c18f479b57df59a8da4113b1d41d889a49b84a9e0d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
601459a3e208a28ad0efc45edd5dfe480785df1365f81fc45acec1231cd16674
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636918a42a81e1a5237736d71ad20c1baf724f1d7559aea82a2d43554154515a
6371cf08b8bdb09d35f27143c1d00c8dadd93e29992a193fd9b3374e4d2fe1b6
6952d75a2aaa80c38068102af0b81541c127ce80a62b183f9a6d4197a4c2e31f
69b03da6c9193013367a55a5d7abfe8d714b725ac4bd60afb3eec24b337028cb
6a2a699fa7e4ce101b9db469452f2631cc2ac7c887abe082617497274e243f0e
6c1c92c91b9bcee08af4c8401aef46821042abf1ae49abfb06c82fcd66031973
709fcb2deac7d886038b7be1f592f8062c636c6b82a031dbcacdf611ec908b97
75e52b122b83769eddb1485a99a19317624ac22323e76642099965dfd3711df4
7711f39fa3b6bcbbd33905137586fd08e15c58ca5bf662e65ca7fc52dae12c29
7848b7839dfa976ed478cb6617ca0c2123e7a3db7c2345ccb0206bee5ec60529
79eedb4dedc46a451e83046ca0edfaefbc6c5cba2b45bc2a1a73d47229835421
7a2c44a10d33ce16e83157e7cd6c00171c973b51d8349a3539d31291380722eb
7e915777546516e196d2b26c4eb393423c54174d61fbf7a98259c33a4efdefdc
7fdd010aaffdcbc848ea6d060d8f8af2a642256dcb5abc0757b62d471bb5d6e8
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8be7216f05ace831d67d8a1fb930d204b7d9a761e711c7c22ad4aba7c40f25df
90352cd429fceb3b816c9418248ab076c32d27239cc9bdf453287b07c952fe93
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
90f988db82fc3588ef08ff3605b43b15364df1cbca95350c35c89dc4f6a55599
9272deaba258052abfdca7f8a720c98f972e76dfbff62b73d8411c76c3e5088c
930f5e73a16f389f7a7b75bb46f58572ad12dc5a9945af6138607eba3ed72f03
974f9ffb3f149633bffb217029cc4fb0cc1e40eeb2cc936054f55b98718e129b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9835a69ecb524330162090fbfdd3c070e4598540584312915b1bfe547e258717
9c5e9bab22cec080e7cf0f3ea849dfb10f40e2002cbc5575a343832115e1a41c
9ce02e31e381a45f5ebf03455d54242ee5cd8fdd8dd0e27bb94fdfdd57ddae8f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d4be9135e0400a2357c358d9f967d4a7d5ccc13c272b657932aae568e2ca61
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a981dbbf86d38cc1cf6ab3ecfb677e11dc525f648323ecde33167024efe76ace
a9ead6ed8f33ce75a675ff5efc38c0e8ac031e3e9167c5ed3da9d3952658f691
aac4ee0bce6764a93e0c10d9b025a783480343023e91b05806afd58454a6152d
b3afab7efc8fee38382f02191ccb3395fdbfabca82ef2ee313bc09dc80159b3a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b8b63b857c0a7c2fe467eabcfd331c657e3a9d69722f121b1d159a6925a3a344
bb1a5d81ec9fcfcee22126973280422a4c694734593b0a1c9c46a44ab39d831c
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c15eb768b09d4f87a268b10562ce7b981e4b9b90404fe6e08373d45836ad2e31
ccde52de4fc6f7c3cb71a70321e52e1f10dd063da28012953e54dc3dd0ccfb6d
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d34f7099998f0f66e3af4ed82aa8ed9f331b503f50f3a18b1adc648cdbec6be3
d4d6432a012111c5337920626d8e5255a095018c6de5eeff4f461a3559803916
d6da0ca764e8868359ebf6451c2c650a06163d1112c9dc8378bf88ce5e486895
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dcdc6d08c55dacf94f6a80c70f33a211542ae3d54755efa8a6f27c2fef7b7e18
ddccee94532e36265390e5c93503c8bc30525834a36ec19fd8aef385d3e842d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8fd36555511bebb4ea6f4520ab3eb3de4acb772452cd9d37f461dfd3b93e994
eb37809a5df0124fc543eac83f4bf3eed272c2970bb5d203326cc5d66d2e8b62
ed571604d58f2a1a3dac7e2052f2cbd32883dc744dc2fb72aa92ed8c521b6c55
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13c3a061e6dfbdea71dd8a0ec971ae1cdab663be55d3959a38b1c670662c6b0
f59cfcc1b35c43e335d7a8a9a294a49cafa0764fcadac0dcc41086c2c5985c2b
f694ee2c9d59f662b923098dcd9fad758c1033f33d80ff72f992b8356bf527eb