Submitted URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2B...
Effective URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Submission: On December 22 via api from US

Summary

This website contacted 8 IPs in 4 countries across 11 domains to perform 50 HTTP transactions. The main IP is 104.31.93.39, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is gamecopyworld.eu.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 11th 2019. Valid for: 6 months.
This is the only time gamecopyworld.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 104.24.111.143 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 46.166.179.121 43350 (NFORCE)
2 130.185.144.4 20860 (IOMART-AS)
1 20 104.31.93.39 13335 (CLOUDFLAR...)
10 15 2606:4700:30:... 13335 (CLOUDFLAR...)
50 8
Domain Requested by
20 gamecopyworld.eu 1 redirects d2.consoletarget.com
gamecopyworld.eu
15 s1.filetarget.net 10 redirects gamecopyworld.eu
8 d2.consoletarget.com d2.consoletarget.com
pagead2.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 cdnjs.cloudflare.com d2.consoletarget.com
gamecopyworld.eu
2 b.bnrsis.com d2.consoletarget.com
gamecopyworld.eu
2 pagead2.googlesyndication.com d2.consoletarget.com
pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 adserver.adreactor.com d2.consoletarget.com
50 11
Subject Issuer Validity Valid
sni182481.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-24 -
2020-03-01
6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-05 -
2020-06-12
6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.adreactor.com
Gandi Standard SSL CA 2
2018-04-26 -
2020-05-06
2 years crt.sh
*.google.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
istripper.com
Let's Encrypt Authority X3
2019-11-21 -
2020-02-19
3 months crt.sh
sni30286.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-09-11 -
2020-03-19
6 months crt.sh

This page contains 11 frames:

Primary Page: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Frame ID: 2A35F682F5DDD0CD542E9EDC732AF626
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 1930885AC5CB457B15DA03C1D7B540DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&adk=1812271804&adf=3025194257&lmt=1576997947&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576997947923&bpp=14&bdt=128&fdt=52&idt=52&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1587063048146&frm=20&pv=2&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=3721898&dssz=20&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=64
Frame ID: C0732046C52F1F24109BCBCC004C6C26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&w=728&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947937&bpp=9&bdt=142&fdt=71&idt=71&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=431&ady=9&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tUpUDOvN29&p=https%3A//d2.consoletarget.com&dtd=74
Frame ID: 2AB11978A98A9840F24B3B587E78348E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&w=300&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947948&bpp=3&bdt=153&fdt=72&idt=72&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=861&ady=104&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IGNM5GEJ99&p=https%3A//d2.consoletarget.com&dtd=75
Frame ID: 2E7951691F8DAD364BAF0EE0CB81F861
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&w=468&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947951&bpp=5&bdt=155&fdt=76&idt=76&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=559&ady=411&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JuRU3Z1l5B&p=https%3A//d2.consoletarget.com&dtd=78
Frame ID: F9DB6989258BA7F3EAFF64169661CE81
Requests: 1 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_ff_bt.php
Frame ID: BA861E665A07CB3096961DB75C7B361A
Requests: 1 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
Frame ID: 328D470E80000812F5AF165FB13F1D15
Requests: 1 HTTP requests in this frame

Frame: https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&ns=1&id=&nf=0&pr=1
Frame ID: 3E1EEF77B0C1F6437264CB1792609682
Requests: 1 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_gsde.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0
Frame ID: 3B3FDE316AD47114E9039B15F79CF578
Requests: 1 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&np=1
Frame ID: 95A51BFC6A00606338C602A1C68EBD38
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Mars: War Logs - PC Game Trainer Cheat   PlayFix No-CD No-DVD | GameCopyWorld

Page URL History Show full URLs

  1. https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8h... Page URL
  2. https://gamecopyworld.eu/games/pc_mars_war_logs.shtml Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

50
Requests

98 %
HTTPS

43 %
IPv6

11
Domains

11
Subdomains

8
IPs

4
Countries

772 kB
Transfer

3398 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D Page URL
  2. https://gamecopyworld.eu/games/pc_mars_war_logs.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://s1.filetarget.net/!_bt.php?sz=bn&sn=gcweu&bg=gcw_hdr&do=1&ns=0&nf= HTTP 302
  • https://s1.filetarget.net/@_ff_bt.php
Request Chain 39
  • https://s1.filetarget.net/!_top.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
  • https://s1.filetarget.net/!_bn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&kw= HTTP 302
  • https://s1.filetarget.net/!_geo.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0&sk= HTTP 302
  • https://s1.filetarget.net/@_mwb.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0 HTTP 302
  • https://s1.filetarget.net/!_bn.php?sz=bn&sn=gcweu&bg=gcw&ng=&ns=1&cn=DE&kw=&bt=&nu=&sk=&dn=&id= HTTP 302
  • https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
Request Chain 40
  • https://s1.filetarget.net/!_sk.php?sz=sk&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
  • https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&ns=1&id=&nf=0&pr=1
Request Chain 41
  • https://s1.filetarget.net/!_bs.php?sz=bs&bl=1&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
  • https://s1.filetarget.net/!_geo.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&id=&nf=0&sk= HTTP 302
  • https://s1.filetarget.net/@_gsde.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0
Request Chain 42
  • https://s1.filetarget.net/!_btm.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
  • https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&np=1
Request Chain 44
  • https://gamecopyworld.eu/games/i/tc/pm/a1520.mp4 HTTP 301
  • http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
Request Chain 45
  • http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml HTTP 301
  • https://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
d2.consoletarget.com/
6 KB
3 KB
Document
General
Full URL
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
64954d2f921bac2482e4983a2e07a271120dd998622a8c6ecda044cbe45176da

Request headers

:method
GET
:authority
d2.consoletarget.com
:scheme
https
:path
/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:07 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da7bea359bbc9a66a462dcb487654cc5c1576997947; expires=Tue, 21-Jan-20 06:59:07 GMT; path=/; domain=.consoletarget.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=0reqe4rhpg7al9tftpdgs4gls2; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
54903614d9d8bf4b-AMS
content-encoding
br
site.css
d2.consoletarget.com/
3 KB
621 B
Stylesheet
General
Full URL
https://d2.consoletarget.com/site.css?2000
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
060c126a38460626d946329d21b142e8549a27661bd40dbb5b61dd015b5bc44c

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 May 2018 08:15:24 GMT
server
cloudflare
etag
W/"af1-56d177c825814-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
54903615caecbf4b-AMS
expires
Sun, 29 Dec 2019 06:59:07 GMT
jquery.min.js
d2.consoletarget.com/js/
94 KB
32 KB
Script
General
Full URL
https://d2.consoletarget.com/js/jquery.min.js
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 03 Oct 2015 22:24:22 GMT
server
cloudflare
age
425892
etag
W/"176bb-5213abdf01180-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
54903615caedbf4b-AMS
expires
Tue, 24 Dec 2019 08:40:55 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
br
cf-cache-status
HIT
age
21631890
cf-ray
54903615cbc8cba0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 11 Dec 2020 06:59:07 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.005
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
br
cf-cache-status
HIT
age
21631889
cf-ray
54903615cbcacba0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 11 Dec 2020 06:59:07 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.025
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
104 KB
38 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
37933
x-xss-protection
0
server
cafe
etag
2924851815849280674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 Dec 2019 06:59:07 GMT
libcode3.js
adserver.adreactor.com/js/
24 KB
7 KB
Script
General
Full URL
https://adserver.adreactor.com/js/libcode3.js
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
46.166.179.121 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS
ptr9.adreactor.com
Software
nginx /
Resource Hash
c625a2066a674604ba2aac23404fa46feff44eabaec7ca90e7ca56c21806f2d3

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Dec 2019 06:59:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jun 2019 05:24:34 GMT
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public, max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 23 Dec 2019 06:59:07 GMT
integrator.js
adservice.google.de/adsid/
109 B
778 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d2.consoletarget.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
778 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d2.consoletarget.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
86385
x-xss-protection
0
server
cafe
etag
4513681422076315165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 Dec 2019 06:59:07 GMT
bg_wnt_2.jpg
d2.consoletarget.com/images/
266 KB
267 KB
Image
General
Full URL
https://d2.consoletarget.com/images/bg_wnt_2.jpg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7702c887b838440da6bc9b24fcada415c791be2c5a3ed90159fe2e243b4917e0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:07 GMT
cf-cache-status
HIT
last-modified
Sun, 01 Jan 2017 16:56:26 GMT
server
cloudflare
age
2158097
etag
"429ab-5450b50cb2280"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
549036169b84bf4b-AMS
content-length
272811
expires
Fri, 27 Dec 2019 07:30:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 1930
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20191205/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 19 Dec 2019 17:33:14 GMT
expires
Thu, 02 Jan 2020 17:33:14 GMT
content-type
text/html; charset=UTF-8
etag
13309989325511048345
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6574
x-xss-protection
0
cache-control
public, max-age=1209600
age
221153
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
p1.js
d2.consoletarget.com/js/
0
0
Script
General
Full URL
https://d2.consoletarget.com/js/p1.js
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Dec 2019 06:59:08 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
54903616cba6bf4b-AMS
ads
googleads.g.doubleclick.net/pagead/ Frame C073
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&adk=1812271804&adf=3025194257&lmt=1576997947&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576997947923&bpp=14&bdt=128&fdt=52&idt=52&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1587063048146&frm=20&pv=2&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=3721898&dssz=20&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=64
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9116440445344191&output=html&adk=1812271804&adf=3025194257&lmt=1576997947&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1576997947923&bpp=14&bdt=128&fdt=52&idt=52&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1587063048146&frm=20&pv=2&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=3721898&dssz=20&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=64
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 22 Dec 2019 06:59:08 GMT
server
cafe
content-length
44
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 22-Dec-2019 07:14:08 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 22 Dec 2019 06:59:08 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
78 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1575654529893506"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
29463
x-xss-protection
0
expires
Sun, 22 Dec 2019 06:59:08 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2AB1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&w=728&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947937&bpp=9&bdt=142&fdt=71&idt=71&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=431&ady=9&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tUpUDOvN29&p=https%3A//d2.consoletarget.com&dtd=74
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&w=728&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947937&bpp=9&bdt=142&fdt=71&idt=71&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=431&ady=9&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&fsb=1&xpc=tUpUDOvN29&p=https%3A//d2.consoletarget.com&dtd=74
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 22 Dec 2019 06:59:08 GMT
server
cafe
content-length
200
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 22-Dec-2019 07:14:08 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 22 Dec 2019 06:59:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 2E79
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&w=300&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947948&bpp=3&bdt=153&fdt=72&idt=72&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=861&ady=104&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IGNM5GEJ99&p=https%3A//d2.consoletarget.com&dtd=75
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&w=300&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947948&bpp=3&bdt=153&fdt=72&idt=72&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=861&ady=104&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IGNM5GEJ99&p=https%3A//d2.consoletarget.com&dtd=75
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 22 Dec 2019 06:59:08 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 22-Dec-2019 07:14:08 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 22 Dec 2019 06:59:08 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F9DB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&w=468&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947951&bpp=5&bdt=155&fdt=76&idt=76&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=559&ady=411&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JuRU3Z1l5B&p=https%3A//d2.consoletarget.com&dtd=78
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&w=468&lmt=1576997948&psa=0&guci=1.2.0.0.2.2.0.0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&adsid=NT&dt=1576997947951&bpp=5&bdt=155&fdt=76&idt=76&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x250&nras=1&correlator=1587063048146&frm=20&pv=1&ga_vid=1359945751.1576997948&ga_sid=1576997948&ga_hid=1844927621&ga_fc=0&iag=0&icsg=12110506&dssz=21&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=559&ady=411&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=201703684293078&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JuRU3Z1l5B&p=https%3A//d2.consoletarget.com&dtd=78
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 22 Dec 2019 06:59:08 GMT
server
cafe
content-length
199
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 22-Dec-2019 07:14:08 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires
Sun, 22 Dec 2019 06:59:08 GMT
cache-control
private
p2.js
b.bnrsis.com/
36 KB
36 KB
Script
General
Full URL
https://b.bnrsis.com/p2.js
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.185.144.4 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
391a8cca20070bde455a1f46cd51fbf91051e77dfc54583ac8d173864e4a0a6f

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Dec 2019 06:59:07 GMT
Last-Modified
Fri, 20 Dec 2019 10:18:00 GMT
Server
nginx/1.8.0
ETag
"5dfc9fd8-8f4a"
Content-Type
application/javascript
Cache-control
private
Accept-Ranges
bytes
Content-Length
36682
e0886_1.mp4
d2.consoletarget.com/i/tc/pm/
42 KB
0
Media
General
Full URL
https://d2.consoletarget.com/i/tc/pm/e0886_1.mp4
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 22 Dec 2019 06:59:08 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Dec 2018 06:49:11 GMT
server
cloudflare
etag
"c6714-57d6e87299226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 0-812819/812820
cache-control
max-age=0
accept-ranges
bytes
cf-ray
54903618fdcbbf4b-AMS
Content-Length
812820
expires
Sun, 22 Dec 2019 06:59:08 GMT
e0886_1.mp4
d2.consoletarget.com/i/tc/pm/
26 KB
26 KB
Media
General
Full URL
https://d2.consoletarget.com/i/tc/pm/e0886_1.mp4
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8bb5d365aa0bc67b9f47e6e8562968a01fe9a34f1a5a504a22b333093944b7

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=786432-

Response headers

date
Sun, 22 Dec 2019 06:59:08 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Dec 2018 06:49:11 GMT
server
cloudflare
etag
"c6714-57d6e87299226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 786432-812819/812820
cache-control
max-age=0
accept-ranges
bytes
cf-ray
54903619deb4bf4b-AMS
Content-Length
26388
expires
Sun, 22 Dec 2019 06:59:08 GMT
e0886_1.mp4
d2.consoletarget.com/i/tc/pm/
762 KB
0
Media
General
Full URL
https://d2.consoletarget.com/i/tc/pm/e0886_1.mp4
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.24.111.143 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=32768-

Response headers

date
Sun, 22 Dec 2019 06:59:08 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Dec 2018 06:49:11 GMT
server
cloudflare
etag
"c6714-57d6e87299226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 32768-812819/812820
cache-control
max-age=0
accept-ranges
bytes
cf-ray
5490361aaf5fbf4b-AMS
Content-Length
780052
expires
Sun, 22 Dec 2019 06:59:08 GMT
Primary Request pc_mars_war_logs.shtml
gamecopyworld.eu/games/
33 KB
6 KB
Document
General
Full URL
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Requested by
Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d258275df103b6a2667bbaf1efe0c41caa2472e56ca2859fb32d43d3fa519a

Request headers

:method
GET
:authority
gamecopyworld.eu
:scheme
https
:path
/games/pc_mars_war_logs.shtml
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=df8df8209170f8533acecd64a59ee922b1576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.gamecopyworld.eu; HttpOnly; SameSite=Lax; Secure PHPSESSID=cd0doda747t1vkhqhhpshgapf7; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363a6f7772db-AMS
content-encoding
br
colorbox.css
gamecopyworld.eu/games/cb/
4 KB
1 KB
Stylesheet
General
Full URL
https://gamecopyworld.eu/games/cb/colorbox.css
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9bccdbe5e54a43b311d387bcd57a43b5063c962af7ba60bef421aa61a6e491

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Dec 2014 21:50:46 GMT
server
cloudflare
age
224632
etag
W/"f3f-50afd48af3980-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
5490363acfa372db-AMS
expires
Thu, 26 Dec 2019 16:35:21 GMT
jquery.min.js
gamecopyworld.eu/games/js/
94 KB
32 KB
Script
General
Full URL
https://gamecopyworld.eu/games/js/jquery.min.js
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 16 Jan 2015 20:08:19 GMT
server
cloudflare
age
122757
etag
W/"176bb-50cca88a512c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
5490363acfa472db-AMS
expires
Fri, 27 Dec 2019 20:53:16 GMT
jquery.colorbox-min.js
gamecopyworld.eu/games/cb/
11 KB
4 KB
Script
General
Full URL
https://gamecopyworld.eu/games/cb/jquery.colorbox-min.js
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa2ec1d872cdd22f2ca6aedea7b686c7eda3867f5d28c1321891a775edb7ad8

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Dec 2014 21:50:47 GMT
server
cloudflare
age
101280
etag
W/"2de3-50afd48be7bc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=604800
cf-ray
5490363acfa672db-AMS
expires
Sat, 28 Dec 2019 02:51:13 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
HIT
age
21631896
cf-ray
5490363acb8ecba0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Fri, 11 Dec 2020 06:59:13 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.005
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
HIT
age
21631895
cf-ray
5490363acb90cba0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:36 GMT
server
cloudflare
etag
W/"5afd48ec-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 11 Dec 2020 06:59:13 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.025
gcw.css
gamecopyworld.eu/games/
7 KB
957 B
Stylesheet
General
Full URL
https://gamecopyworld.eu/games/gcw.css?r=37806
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f290002a25197ad5535e752cc1cb65c859d1292a14e5c675b6270e27f652b8

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 01 Jul 2019 19:34:16 GMT
server
cloudflare
etag
W/"1b1b-58ca3b6b8f133-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=604800
cf-ray
5490363acfa872db-AMS
expires
Sun, 29 Dec 2019 06:59:13 GMT
h1.gif
gamecopyworld.eu/games/
42 B
172 B
Image
General
Full URL
https://gamecopyworld.eu/games/h1.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Wed, 07 Oct 1998 21:02:18 GMT
server
cloudflare
age
224632
etag
"2a-339a24b1fea80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363acfaa72db-AMS
content-length
42
expires
Thu, 26 Dec 2019 16:35:21 GMT
is_lb_harley_1.jpg
gamecopyworld.eu/ddd/ii/tc/
88 KB
88 KB
Image
General
Full URL
https://gamecopyworld.eu/ddd/ii/tc/is_lb_harley_1.jpg
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17acbfa149f7a2c600a5e6aba0ce4d505d84368216f12aee7fecdd53a4f24daf

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Oct 2019 16:35:37 GMT
server
cloudflare
age
549665
etag
"16087-594042cdeff53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5490363acfab72db-AMS
content-length
90247
expires
Tue, 14 Jan 2020 22:18:08 GMT
email.gif
gamecopyworld.eu/games/images/
16 KB
16 KB
Image
General
Full URL
https://gamecopyworld.eu/games/images/email.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
342eb91d51c7a9e6f87b1b8b9090b371fcd6940d6e976dc69060f01d95361681

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Jul 1998 08:15:50 GMT
server
cloudflare
age
101280
etag
"3e75-3334e42b8b980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363aefb972db-AMS
content-length
15989
expires
Sat, 28 Dec 2019 02:51:13 GMT
gcw_logo_xmas.gif
gamecopyworld.eu/games/images/
9 KB
9 KB
Image
General
Full URL
https://gamecopyworld.eu/games/images/gcw_logo_xmas.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a132e5b21436b719a779f3cb9ac1119326186271f984b938dd7864815f6e534

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Dec 2000 20:27:24 GMT
server
cloudflare
age
344205
etag
"234f-378f7c2684300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363b2fda72db-AMS
content-length
9039
expires
Wed, 25 Dec 2019 07:22:28 GMT
h1.gif
gamecopyworld.eu/games/images/
42 B
101 B
Image
General
Full URL
https://gamecopyworld.eu/games/images/h1.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Wed, 07 Oct 1998 21:02:18 GMT
server
cloudflare
age
122757
etag
"2a-339a24b1fea80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363b2fdc72db-AMS
content-length
42
expires
Fri, 27 Dec 2019 20:53:16 GMT
linkworld.gif
gamecopyworld.eu/games/images/
2 KB
2 KB
Image
General
Full URL
https://gamecopyworld.eu/games/images/linkworld.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
95af585291f2fb21865cb55c59d9c8fcf9c7a5bef0f525033a15a22f846454a2

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Sun, 26 Dec 1999 13:43:02 GMT
server
cloudflare
age
514669
etag
"882-35c9407912580"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363b3fe272db-AMS
content-length
2178
expires
Mon, 23 Dec 2019 08:01:24 GMT
pc_mars_war_logs.jpg
gamecopyworld.eu/games/images/
22 KB
22 KB
Image
General
Full URL
https://gamecopyworld.eu/games/images/pc_mars_war_logs.jpg
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd4f9a5632b15e92a7340e3ad8f329ffbec5a0d098374fdd6ffed682b9b0c98

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
MISS
last-modified
Fri, 26 Apr 2013 17:18:40 GMT
server
cloudflare
etag
"58f2-4db46b9e79c00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363b3fe372db-AMS
content-length
22770
expires
Tue, 21 Jan 2020 06:59:13 GMT
flag_uk.gif
gamecopyworld.eu/games/images/
76 B
268 B
Image
General
Full URL
https://gamecopyworld.eu/games/images/flag_uk.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4502a5a623952c46395d726a3b6e303ffd954cc38388abc49dedd3d18b1295

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2001 21:17:48 GMT
server
cloudflare
age
116316
etag
"4c-37a2636457700"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363b3fe572db-AMS
content-length
76
expires
Fri, 27 Dec 2019 22:40:37 GMT
dsk.gif
gamecopyworld.eu/games/images/
133 B
288 B
Image
General
Full URL
https://gamecopyworld.eu/games/images/dsk.gif
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb247ae5fff70e8b751cf1fa1326f1a5164692094fbae47eca64f6a5a584f098

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 22 Dec 2019 06:59:13 GMT
cf-cache-status
HIT
last-modified
Fri, 05 Jan 2001 21:20:02 GMT
server
cloudflare
age
116316
etag
"85-37a263e422480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5490363b3fe672db-AMS
content-length
133
expires
Fri, 27 Dec 2019 22:40:37 GMT
p1.js
gamecopyworld.eu/games/js/
0
0
Script
General
Full URL
https://gamecopyworld.eu/games/js/p1.js
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Dec 2019 06:59:13 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
5490363b3fe772db-AMS
@_ff_bt.php
s1.filetarget.net/ Frame BA86
Redirect Chain
  • https://s1.filetarget.net/!_bt.php?sz=bn&sn=gcweu&bg=gcw_hdr&do=1&ns=0&nf=
  • https://s1.filetarget.net/@_ff_bt.php
0
0
Document
General
Full URL
https://s1.filetarget.net/@_ff_bt.php
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4f72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s1.filetarget.net
:scheme
https
:path
/@_ff_bt.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363bf8d2cb9c-VIE
content-encoding
br

Redirect headers

status
302
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
location
@_ff_bt.php
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363ba807cb9c-VIE
@_kgn.php
s1.filetarget.net/ Frame 328D
Redirect Chain
  • https://s1.filetarget.net/!_top.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf=
  • https://s1.filetarget.net/!_bn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&kw=
  • https://s1.filetarget.net/!_geo.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0&sk=
  • https://s1.filetarget.net/@_mwb.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
  • https://s1.filetarget.net/!_bn.php?sz=bn&sn=gcweu&bg=gcw&ng=&ns=1&cn=DE&kw=&bt=&nu=&sk=&dn=&id=
  • https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
0
0
Document
General
Full URL
https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4f72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s1.filetarget.net
:scheme
https
:path
/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5152e8c394ba600ee2254699535e515e1576997954; expires=Tue, 21-Jan-20 06:59:14 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363cdb65cb9c-VIE
content-encoding
br

Redirect headers

status
302
date
Sun, 22 Dec 2019 06:59:14 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d5152e8c394ba600ee2254699535e515e1576997954; expires=Tue, 21-Jan-20 06:59:14 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
location
@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=1&id=&nf=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363caaf0cb9c-VIE
!_games.php
s1.filetarget.net/ Frame 3E1E
Redirect Chain
  • https://s1.filetarget.net/!_sk.php?sz=sk&sn=gcweu&bg=gcw&ns=0&nf=
  • https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&ns=1&id=&nf=0&pr=1
0
0
Document
General
Full URL
https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&ns=1&id=&nf=0&pr=1
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4f72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s1.filetarget.net
:scheme
https
:path
/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&ns=1&id=&nf=0&pr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363bf8c6cb9c-VIE
content-encoding
br

Redirect headers

status
302
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
location
!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&ns=1&id=&nf=0&pr=1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363ba80ecb9c-VIE
@_gsde.php
s1.filetarget.net/ Frame 3B3F
Redirect Chain
  • https://s1.filetarget.net/!_bs.php?sz=bs&bl=1&sn=gcweu&bg=gcw&ns=0&nf=
  • https://s1.filetarget.net/!_geo.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&id=&nf=0&sk=
  • https://s1.filetarget.net/@_gsde.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0
0
0
Document
General
Full URL
https://s1.filetarget.net/@_gsde.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4f72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s1.filetarget.net
:scheme
https
:path
/@_gsde.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363c3977cb9c-VIE
content-encoding
br

Redirect headers

status
302
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
location
@_gsde.php?sz=sk&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363bf8dacb9c-VIE
@_tc.php
s1.filetarget.net/ Frame 95A5
Redirect Chain
  • https://s1.filetarget.net/!_btm.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf=
  • https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&np=1
0
0
Document
General
Full URL
https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&np=1
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:4f72 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s1.filetarget.net
:scheme
https
:path
/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&np=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Response headers

status
200
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363bf8d5cb9c-VIE
content-encoding
br

Redirect headers

status
302
date
Sun, 22 Dec 2019 06:59:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d24d1921df7c38ccebad64b7cd19ce5511576997953; expires=Tue, 21-Jan-20 06:59:13 GMT; path=/; domain=.filetarget.net; HttpOnly; SameSite=Lax
location
@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=DE&df=&ns=0&id=&nf=0&np=1
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5490363ba80ccb9c-VIE
p2.js
b.bnrsis.com/
36 KB
36 KB
Script
General
Full URL
https://b.bnrsis.com/p2.js
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
130.185.144.4 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx/1.8.0 /
Resource Hash
391a8cca20070bde455a1f46cd51fbf91051e77dfc54583ac8d173864e4a0a6f

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 22 Dec 2019 06:59:13 GMT
Last-Modified
Fri, 20 Dec 2019 10:18:00 GMT
Server
nginx/1.8.0
Accept-Ranges
bytes
ETag
"5dfc9fd8-8f4a"
Content-Length
36682
Content-Type
application/javascript
pc_guacamelee_super_turbo_championship_edition.shtml
gamecopyworld.eu/games/
Redirect Chain
  • https://gamecopyworld.eu/games/i/tc/pm/a1520.mp4
  • http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
0
-1 B
Media
General
Full URL
http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 22 Dec 2019 06:59:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
content-type
text/html; charset=UTF-8
status
301
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
5490363c88a372db-AMS

Redirect headers

pragma
no-cache
date
Sun, 22 Dec 2019 06:59:14 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
301
content-type
text/html; charset=UTF-8
location
http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray
5490363c88a372db-AMS
pc_guacamelee_super_turbo_championship_edition.shtml
gamecopyworld.eu/games/
Redirect Chain
  • http://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
  • https://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml
0
0

e0863_5_2.mp4
gamecopyworld.eu/games/i/tc/pm/
87 KB
0
Media
General
Full URL
https://gamecopyworld.eu/games/i/tc/pm/e0863_5_2.mp4
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 22 Dec 2019 06:59:14 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 31 Mar 2019 07:05:56 GMT
server
cloudflare
etag
"14bb89-5855e890bdadd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 0-1358728/1358729
cache-control
max-age=0
accept-ranges
bytes
cf-ray
5490363e098d72db-AMS
Content-Length
1358729
expires
Sun, 22 Dec 2019 06:59:14 GMT
e0863_5_2.mp4
gamecopyworld.eu/games/i/tc/pm/
15 KB
15 KB
Media
General
Full URL
https://gamecopyworld.eu/games/i/tc/pm/e0863_5_2.mp4
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b09247a6f6514fe97e6b539e952ccfb5de1cfec7ff1b47ac9fd45dbdf7e1859

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=1343488-

Response headers

date
Sun, 22 Dec 2019 06:59:14 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 31 Mar 2019 07:05:56 GMT
server
cloudflare
etag
"14bb89-5855e890bdadd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 1343488-1358728/1358729
cache-control
max-age=0
accept-ranges
bytes
cf-ray
5490363e39aa72db-AMS
Content-Length
15241
expires
Sun, 22 Dec 2019 06:59:14 GMT
e0863_5_2.mp4
gamecopyworld.eu/games/i/tc/pm/
1 MB
0
Media
General
Full URL
https://gamecopyworld.eu/games/i/tc/pm/e0863_5_2.mp4
Requested by
Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.93.39 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=65536-

Response headers

date
Sun, 22 Dec 2019 06:59:14 GMT
cf-cache-status
DYNAMIC
last-modified
Sun, 31 Mar 2019 07:05:56 GMT
server
cloudflare
etag
"14bb89-5855e890bdadd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
206
content-type
video/mp4
Content-Range
bytes 65536-1358728/1358729
cache-control
max-age=0
accept-ranges
bytes
cf-ray
5490363e79ca72db-AMS
Content-Length
1293193
expires
Sun, 22 Dec 2019 06:59:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gamecopyworld.eu
URL
https://gamecopyworld.eu/games/pc_guacamelee_super_turbo_championship_edition.shtml

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| cbox object| cookieconsent string| TotemToolsObject function| tl

2 Cookies

Domain/Path Name / Value
gamecopyworld.eu/ Name: PHPSESSID
Value: cd0doda747t1vkhqhhpshgapf7
.gamecopyworld.eu/ Name: __cfduid
Value: df8df8209170f8533acecd64a59ee922b1576997953

1 Console Messages

Source Level URL
Text
console-api error URL: https://b.bnrsis.com/p2.js(Line 7)
Message:
%c<TOTEMTOOL> %cUnable to load media (src: i/tc/pm/a1520.mp4) font-weight:700 font-weight:400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserver.adreactor.com
adservice.google.com
adservice.google.de
b.bnrsis.com
cdnjs.cloudflare.com
d2.consoletarget.com
gamecopyworld.eu
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s1.filetarget.net
www.googletagservices.com
gamecopyworld.eu
104.24.111.143
104.31.93.39
130.185.144.4
2606:4700:30::681f:4f72
2606:4700::6811:4104
2a00:1450:4001:81c::2002
46.166.179.121
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
060c126a38460626d946329d21b142e8549a27661bd40dbb5b61dd015b5bc44c
0b4502a5a623952c46395d726a3b6e303ffd954cc38388abc49dedd3d18b1295
17acbfa149f7a2c600a5e6aba0ce4d505d84368216f12aee7fecdd53a4f24daf
1a132e5b21436b719a779f3cb9ac1119326186271f984b938dd7864815f6e534
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
342eb91d51c7a9e6f87b1b8b9090b371fcd6940d6e976dc69060f01d95361681
391a8cca20070bde455a1f46cd51fbf91051e77dfc54583ac8d173864e4a0a6f
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4b9bccdbe5e54a43b311d387bcd57a43b5063c962af7ba60bef421aa61a6e491
5b09247a6f6514fe97e6b539e952ccfb5de1cfec7ff1b47ac9fd45dbdf7e1859
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
64954d2f921bac2482e4983a2e07a271120dd998622a8c6ecda044cbe45176da
68bcdec2fdc6ce23468b97a8c39a3f9eb86233e03be5072bf3b438ac1433714d
6cd4f9a5632b15e92a7340e3ad8f329ffbec5a0d098374fdd6ffed682b9b0c98
72f290002a25197ad5535e752cc1cb65c859d1292a14e5c675b6270e27f652b8
74d258275df103b6a2667bbaf1efe0c41caa2472e56ca2859fb32d43d3fa519a
7702c887b838440da6bc9b24fcada415c791be2c5a3ed90159fe2e243b4917e0
95af585291f2fb21865cb55c59d9c8fcf9c7a5bef0f525033a15a22f846454a2
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
c625a2066a674604ba2aac23404fa46feff44eabaec7ca90e7ca56c21806f2d3
cb247ae5fff70e8b751cf1fa1326f1a5164692094fbae47eca64f6a5a584f098
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa2ec1d872cdd22f2ca6aedea7b686c7eda3867f5d28c1321891a775edb7ad8
fc8bb5d365aa0bc67b9f47e6e8562968a01fe9a34f1a5a504a22b333093944b7