playcs.yikm.net Open in urlscan Pro
64.64.249.2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://playcs.yikm.net/
Submission: On April 18 via manual (April 18th 2023, 11:48:07 am UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 59 HTTP transactions. The main IP is 64.64.249.2, located in Los Angeles, United States and belongs to IT7NET, CA. The main domain is playcs.yikm.net.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on March 2nd 2023. Valid for: a year.

This is the only time playcs.yikm.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	64.64.249.2 64.64.249.2	25820 (IT7NET) (IT7NET)
2	163.181.56.169 163.181.56.169	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
11	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	61.160.236.93 61.160.236.93	23650 (CHINANET-...) (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
59	13

7 64.64.249.2 (Los Angeles, United States)

ASN25820 (IT7NET, CA)
PTR: 64.64.249.2.16clouds.com

playcs.yikm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.181.56.169 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 61.160.236.93 (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)

img.1990i.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	298 KB
12	1990i.com img.1990i.com	1 MB
7	yikm.net playcs.yikm.net	169 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	55 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	gstatic.com www.gstatic.com	15 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	2 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 6664	12 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 43373	84 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	49 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	601 B
59	12

	Domain	Requested by
12	img.1990i.com	playcs.yikm.net
10	pagead2.googlesyndication.com	playcs.yikm.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	playcs.yikm.net	playcs.yikm.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	hm.baidu.com	playcs.yikm.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.staticfile.org	playcs.yikm.net cdn.staticfile.org
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
59	14

This site contains links to these domains. Also see Links.

Domain
mail.qq.com

Subject Issuer	Validity	Valid
playcs.yikm.net TrustAsia RSA DV TLS CA G2	`2023-03-02` - `2024-03-01`	a year	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
img.1990i.com TrustAsia RSA DV TLS CA G2	`2023-04-03` - `2024-05-02`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://playcs.yikm.net/
Frame ID: AAFD16D9BF8DCA2E5C420D05FEF09D5E
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html
Frame ID: 59AB3DE0F867A480EC148319A94DE09F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2537602355535235&output=html&adk=1812271804&adf=3025194257&lmt=1681818477&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fplaycs.yikm.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681818477213&bpp=6&bdt=190&idt=188&shv=r20230413&mjsv=m202304120201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6412677836417&frm=20&pv=2&ga_vid=388385906.1681818477&ga_sid=1681818477&ga_hid=204684929&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31071258%2C31071755%2C31073585%2C31073788%2C44788442&oid=2&pvsid=1228140184457733&tmod=299998907&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=229
Frame ID: 6DF29A24F5C7501708E9D92241D96A18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Frame ID: E1D14911928DC538609748C668F3F2FC
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F03E14E5E25330EEE3744880EAD35CA4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1320EEAF1F04DBE9B3142D952715C05
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 7E910E3DBAC3541DA7A44B9C406FA804
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6285703AA4515AE4A773BA0114137544
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE104A26EEA610533CA215E09F4E732B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

在线玩cs1.6,无需下载客户端

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

14
Subdomains

13
IPs

4
Countries

1738 kB
Transfer

3168 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://mail.qq.com/cgi-bin/qm_share?t=qm_mailme&email=7IqPlYOZlIWsioOUgY2FgMKPg4E
Title: 意见反馈

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
playcs.yikm.net/ 35 KB
4 KB 618ms
178ms Document
text/html 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: 32de6a9300cf92e7b9bafb3dd3dfabcec444c72445af64209f674597d8a0a8a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Type: text/html;charset=UTF-8
Date: Tue, 18 Apr 2023 11:47:56 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

GET
H/1.1 200
OK font-awesome.min.css
cdn.staticfile.org/font-awesome/4.7.0/css/ 30 KB
8 KB 72ms
8ms Stylesheet
text/css 163.181.56.169
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Log: X-Log
Date: Tue, 18 Apr 2023 06:35:59 GMT
Via: cache10.l2de2[0,0,304-0,H], cache3.l2de2[1,0], ens-cache2.de4[0,0,200-0,H], ens-cache2.de4[1,0]
Content-Encoding: gzip
X-Svr: IO
X-Reqid: m5gAAACLzon481YX
Age: 18718
X-Swift-CacheTime: 86393
X-Cache: HIT TCP_MEM_HIT dirn:8:360862401
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="font-awesome.min.css"; filename*=utf-8''font-awesome.min.css
Connection: keep-alive
X-Swift-SaveTime: Tue, 18 Apr 2023 06:36:06 GMT
Content-Length: 6968
Last-Modified: Wed, 26 Oct 2016 03:05:20 GMT
Server: Tengine
Etag: "FlEsfXkDPjAoqb5htUDPGmhwyJb4.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681799759
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1a16818184770595477e

GET
H/1.1 200
OK bootstrap.min.css
playcs.yikm.net/assets/css/ 189 KB
36 KB 200ms
199ms Stylesheet
text/css 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/assets/css/bootstrap.min.css
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Aug 2022 20:45:32 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK style2.css
playcs.yikm.net/assets/css/ 103 KB
23 KB 231ms
230ms Stylesheet
text/css 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/assets/css/style2.css
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: 7764969e552b83982e6388316606211ce35735bcd2dae7b82509fc8c6858a031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 09:29:02 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK style.css
playcs.yikm.net/assets/css/ 297 KB
49 KB 610ms
307ms Stylesheet
text/css 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/assets/css/style.css
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: 6e51e2b45543acd28b12fa04a3e98708a7524b187162c2dc638198a092924c8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Aug 2022 00:41:52 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H/1.1 200
OK hud_v2.css
playcs.yikm.net/css/ 24 KB
6 KB 456ms
154ms Stylesheet
text/css 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/css/hud_v2.css?v=7
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: 808f8bc48b32aed870131d6778213ef8243bb9ff73c803ac193da27613f94573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 04:01:35 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 128ms
69ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2537602355535235

Requested by

Host: playcs.yikm.net
URL: https://playcs.yikm.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30c5c0346947fa3f57734e801de2da5895e43565821ea283a6c0b63bef1641fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://playcs.yikm.net/
Origin: https://playcs.yikm.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47820
x-xss-protection: 0
server: cafe
etag: 13743504647124051089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:47:57 GMT

GET
H/1.1 200
OK cslogo1.png
img.1990i.com/cs/img/logo/ 37 KB
37 KB 990ms
476ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/logo/cslogo1.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 7c4dac3aeec35ebe83e584037539b4414022295489192f91412138bc0d8696c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 12:54:28 GMT
Server: nginx/1.20.2
ETag: W/"62fce504-9302"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK cslogo2.png
img.1990i.com/cs/img/logo/ 42 KB
42 KB 989ms
475ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/logo/cslogo2.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: f7b285dad3a08b17accaeb3edda2c0663a7e9fc8a09bd040e80c09b5cc14df2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Aug 2022 12:53:25 GMT
Server: nginx/1.20.2
ETag: W/"62fce4c5-a70d"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK zm_snowbase.png
img.1990i.com/cs/img/maplogo/ 15 KB
15 KB 990ms
473ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/zm_snowbase.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 075952d834817f3035bbc370388b8ac3761f26a73c266d28ebe81536927f56b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Nov 2022 06:36:50 GMT
Server: nginx/1.20.2
ETag: W/"63636182-3c4b"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK ze_campescape_lg.png
img.1990i.com/cs/img/maplogo/ 54 KB
54 KB 1885ms
420ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/ze_campescape_lg.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 318276e5b21c78666139a288ce749a227cfc9306d8785f223d94648ae811dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 12:02:07 GMT
Server: nginx/1.20.2
ETag: W/"63c9313f-d7f7"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:45 GMT

GET
H/1.1 200
OK deathrun_bandicoot1.png
img.1990i.com/cs/img/maplogo/ 40 KB
40 KB 1976ms
465ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/deathrun_bandicoot1.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: db5307fdda9a09e78038fcdcdc7041672cb97e2b6aced6cdc9fdd25d3601330e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 05:30:24 GMT
Server: nginx/1.20.2
ETag: W/"642d0770-9fdb"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:45 GMT

GET
H/1.1 200
OK de_inferno.png
img.1990i.com/cs/img/maplogo/ 388 KB
389 KB 1949ms
246ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/de_inferno.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 939b80b461069c7bdc26c53119f7239adfdb6c2633ee8be07e52c1e482db24aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Oct 2022 04:16:22 GMT
Server: nginx/1.20.2
ETag: W/"6350cb96-61154"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:45 GMT

GET
H/1.1 200
OK cs_ship.png
img.1990i.com/cs/img/maplogo/ 42 KB
42 KB 517ms
426ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/cs_ship.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: cc20714fb078dae243e4a4e563fc06ed133efb3ce9836929bb31abcbde1660d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 05 Mar 2023 05:02:26 GMT
Server: nginx/1.20.2
ETag: W/"64042262-a7b2"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK de_dust2.png
img.1990i.com/cs/img/maplogo/ 274 KB
274 KB 433ms
240ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/de_dust2.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 5c1110a5c13872734b494c7c9b589e30b01b99f779d16aee311ab828cb4e1df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Aug 2022 13:43:49 GMT
Server: nginx/1.20.2
ETag: W/"62fe4215-446f1"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK css_dust2sky_go.png
img.1990i.com/cs/img/maplogo/ 35 KB
35 KB 1359ms
848ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/css_dust2sky_go.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 471a52e9ddb5b3b9e7d584857d60f65cc3050fcf4add327a9eeb93dee940db4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Jan 2023 03:13:08 GMT
Server: nginx/1.20.2
ETag: W/"63cb5844-8ac7"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK cs_zhasini.png
img.1990i.com/cs/img/maplogo/ 58 KB
59 KB 660ms
241ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/cs_zhasini.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: e6021642bf72a21003c1478df64d6006d68c7a239f06c26a0a7224fa94186b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Mar 2023 05:30:26 GMT
Server: nginx/1.20.2
ETag: W/"6402d772-e982"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK fy_iceworld2k.png
img.1990i.com/cs/img/maplogo/ 21 KB
21 KB 510ms
213ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/fy_iceworld2k.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 34a2a91df1ea246a4b9c235a36b39be41aa88900231625a54052830986a8e26f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Mar 2023 07:05:21 GMT
Server: nginx/1.20.2
ETag: W/"640ecb31-5409"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK fy_fodder1.png
img.1990i.com/cs/img/maplogo/ 40 KB
41 KB 657ms
238ms Image
image/png 61.160.236.93
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.1990i.com/cs/img/maplogo/fy_fodder1.png
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: bf007abacad91883025987c075279b565fa51e1990992da742e64d9b464d28ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 06:45:12 GMT
Server: nginx/1.20.2
ETag: W/"642d18f8-a13b"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Expires: Tue, 25 Apr 2023 11:47:44 GMT

GET
H/1.1 200
OK jquery-2.0.0.min.js Show response
playcs.yikm.net/js/ 81 KB
33 KB 472ms
186ms Script
application/javascript 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/js/jquery-2.0.0.min.js
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: 91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Sep 2022 12:39:14 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK index.min.js Show response
playcs.yikm.net/js/ 42 KB
18 KB 631ms
332ms Script
application/javascript 64.64.249.2
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL: https://playcs.yikm.net/js/index.min.js?v=2
Requested by: Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS: 64.64.249.2.16clouds.com
Software: nginx/1.12.2 /
Resource Hash: f2b86ea7fb021e6b7da9cc39318dd778729f975df7c16c46d03fcd7568a959ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Mar 2023 06:16:48 GMT
Server: nginx/1.12.2
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120201/ 348 KB
116 KB 90ms
74ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2537602355535235

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ea563b0b868a6978bb3936e7d6588c716d0bf24c7b2445a4b221a4bcddc63b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119208
x-xss-protection: 0
server: cafe
etag: 1473748112427228105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:47:57 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
cdn.staticfile.org/font-awesome/4.7.0/fonts/ 75 KB
76 KB 33ms
9ms Font
application/font-woff2 163.181.56.169
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://playcs.yikm.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Log: X-Log
Date: Mon, 17 Apr 2023 13:02:31 GMT
Via: cache17.l2de2[0,0,304-0,H], cache11.l2de2[1,0], ens-cache9.de4[0,0,200-0,H], ens-cache8.de4[2,0]
X-Svr: IO
X-Reqid: LHYAAAAB09d7ulYX
Age: 81925
X-Swift-CacheTime: 71600
X-Cache: HIT TCP_HIT dirn:10:106129885
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fontawesome-webfont.woff2"; filename*=utf-8''fontawesome-webfont.woff2
Connection: keep-alive
X-Swift-SaveTime: Mon, 17 Apr 2023 17:09:12 GMT
Content-Length: 77160
Last-Modified: Tue, 25 Oct 2016 16:32:06 GMT
Server: Tengine
Etag: "Ftb0jLp9B2-28v1rqZOnW53B7L8M"
Access-Control-Max-Age: 2592000
Vary: Origin
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681736552
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b2016818184772052272e

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/ Frame 59AB 10 KB
5 KB 41ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2537602355535235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://playcs.yikm.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 18:37:49 GMT
etag: 2378337311435320485
expires: Mon, 01 May 2023 18:37:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 43ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=playcs.yikm.net&callback=_gfp_s_&client=ca-pub-2537602355535235

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83ac2764b622f72ab8126b194f250075141b7a36bf010326dfbf37bf291100b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 89ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=playcs.yikm.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 43ms
20ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=playcs.yikm.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menu-backdrop&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: playcs.yikm.net
URL: https://playcs.yikm.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 11:47:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menu-backdrop&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: playcs.yikm.net
URL: https://playcs.yikm.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Apr 2023 11:47:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DF2 159 KB
46 KB 1105ms
1104ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2537602355535235&output=html&adk=1812271804&adf=3025194257&lmt=1681818477&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fplaycs.yikm.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681818477213&bpp=6&bdt=190&idt=188&shv=r20230413&mjsv=m202304120201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6412677836417&frm=20&pv=2&ga_vid=388385906.1681818477&ga_sid=1681818477&ga_hid=204684929&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31071258%2C31071755%2C31073585%2C31073788%2C44788442&oid=2&pvsid=1228140184457733&tmod=299998907&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=229

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

986d16914e407ebf1ea15324d9d9d9b72818264e3c577fe11da2d68497913b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://playcs.yikm.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46455
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 11:47:58 GMT
expires: Tue, 18 Apr 2023 11:47:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1932ms
354ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?0ff039a569d6695a2ce69332cd833f32

Requested by

Host: playcs.yikm.net
URL: https://playcs.yikm.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ae12f731ef7c3815bf41887ddc4d9b0c376c173ab20fb453a1711b1c7981d44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 18 Apr 2023 11:47:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 73b718e3c0415e2d6496d1efb7a5220f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11263

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120201/ 150 KB
51 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120201/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd4f90e90338539dec46c009508419b26a86094e75670977332b36c0da16a6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52058
x-xss-protection: 0
server: cafe
etag: 15508023193235675821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:47:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 33ms
19ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=playcs.yikm.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 27ms
18ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=playcs.yikm.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/ Frame E1D1 10 KB
4 KB 27ms
20ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://playcs.yikm.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 17 Apr 2023 23:16:04 GMT
etag: 2378337311435320485
expires: Mon, 01 May 2023 23:16:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E1D1 4 KB
1 KB 62ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 11:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 10:51:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 11:47:58 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E1D1 205 B
295 B 50ms
9ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:33:13 GMT
x-content-type-options: nosniff
age: 33285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Apr 2024 02:33:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E1D1 604 B
1 KB 48ms
8ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:20:52 GMT
x-content-type-options: nosniff
age: 1626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 17 Apr 2024 11:20:52 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/ Frame E1D1 13 KB
6 KB 54ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e719752a773076ca8e3f549032753877c83cafb2a640feb0886d9af24a3b44d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 00:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5669
x-xss-protection: 0
server: cafe
etag: 11655758664418369095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 00:56:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/ Frame E1D1 19 KB
8 KB 53ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69884
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:23:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F03E 8 KB
966 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Apr 2023 11:47:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 10:12:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Apr 2023 11:47:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame F03E 2 KB
846 B 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 18:48:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 18:48:57 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/ Frame F03E 22 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 16:08:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 16:08:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame F03E 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:06:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 08:06:39 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/ Frame F03E 20 KB
8 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230413/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 May 2023 15:59:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F03E 159 KB
49 KB 75ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Apr 2023 11:47:59 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame F03E 33 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 19:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 19:53:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B132 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 11:33:57 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B132
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

20ms
19ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 11:47:59 GMT
expires: Tue, 18 Apr 2023 11:47:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 11:47:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E91 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: playcs.yikm.net
URL: https://playcs.yikm.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 05:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 05:50:46 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 362ms
362ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=117020886&si=0ff039a569d6695a2ce69332cd833f32&v=1.3.0&lv=1&sn=59310&r=0&ww=1600&u=https%3A%2F%2Fplaycs.yikm.net%2F&tt=%E5%9C%A8%E7%BA%BF%E7%8E%A9cs1.6%2C%E6%97%A0%E9%9C%80%E4%B8%8B%E8%BD%BD%E5%AE%A2%E6%88%B7%E7%AB%AF

Requested by

Host: playcs.yikm.net
URL: https://playcs.yikm.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Apr 2023 11:48:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 58ms
57ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230413&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e0f4cad38c3a175ba3b40ff9d8d76345b75ab962a448658f7acf0c40d1a3475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11325
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Apr 2023 11:48:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6285 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://playcs.yikm.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11406
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 08:37:55 GMT
expires: Wed, 17 Apr 2024 08:37:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AE10 783 B
971 B 17ms
16ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

422e4cfc07e1b63b3f2baab6d12f7da09dfe423b1baa61fa6dcf98d85f1eb632

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2cXaPdL-VxzC4M_ZkiANOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://playcs.yikm.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-2cXaPdL-VxzC4M_ZkiANOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Apr 2023 11:48:01 GMT
expires: Tue, 18 Apr 2023 11:48:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6285 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 05:50:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 05:50:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AE10 0
0 40ms
40ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230413&jk=1228140184457733&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6285 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xCZV5g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 11:48:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230413&jk=1228140184457733&bg=!xMelx5PNAAZA7GLoYOw7ADkAdvg8WhC0HvV7EzLtFj5_SPHJPbI2ZMp_RW-NgpOMx25taRcpYftIVsNd0OZExpY4O96Wbc9ZLzYCAAAA21IAAAAEaAEHmQLxDUO4iDk5tLMbGrP2Iw4WDfnPXo9MX06-8L8hdIfIw7iux4q_LqTWI0Q1BInflfZVOcoE4Kff5ap4GWUghCrjo03uI3nbQ222PjnX5tGg828kIjytUPAGncxErXJbTlJs8NGyhDvKlnJnCUPD__3Kpr1A5EHb95NcoFAl52djG5-_iLBQwewYSJiXLB0l8HhT_Oe4EUjF_NOqllnnKxnQSojKPG-H-vNN-rEP1uWTnZ4HodzXm-Tklq8FLLH-ENu5TiWm20V6OQdqBnKVC6aNkOTO1eMoX9fbc2rkZ-v_CQNfHEcmkWTpBUGUSLa7BrtbpFisRp3GqJ-vzX3SNfSgcCoC_55-KcRMXlWG9ES3pIohmY6v9DwOFnc4-W6-0j2oSNkb7vrWFt5_VWLb_ZGiTz7Ta9RaxbKnLfrWrL2182ECmAfi-aayNHqgMmAo4F9DVgTwIBDfdM8HP2o3F8-xwOJ1bkMtm_X1tBuhKYeBlrqz7PrfJ7UhacWrjDk48CfnRBDr14PxqmmleXXd1moI5-_SEvt6yNw8RjW0oW4wsqhTcMk2IvX63srhilzAry2yCLVp0WZnjWmr93LCboV4Qi06W0DlYZ41IdLCNSHbz0CzbwMmPqsCmzaW_1o0UoIsyDg8zSr6QYb3AAJBctzqnf3AH65SHAQcmjsmzx9KAe_2z7S0Mg_fJ5fH_H4L6aVw0FtYCgIR3u2XjU_spVIhKQ75DN_bgF8gZWSMGu-bZgktgbdWrcLNhW2HQrhsK4U9kCwi7jg8uqPQvFD0AfK9fwtdVoNPS0IDVmhgKGD6grqHkwMEB8VLbkzntJY-SFTqFuR_qVCtXZYHydXGVrC7AnlP1aEkQNaDMCnjKbT37BnW_pIAhmb1QHGikiD17SoCwp3asSwoLOhQDMKr4Rn_kfshVlti6pG_OQfc-vKy8yZTzo3WTVU51a6qwUA0XxUoZuFBnr5DQd_v-c8ttYheZ2SanGgZM7w0T13DKyblkQ98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://playcs.yikm.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yikm.net/	1970-01-20 20:31:54	Name: __gads Value: ID=cfac918df5831129-22ee64c79edd00c7:T=1681818477:RT=1681818477:S=ALNI_Ma05G2qIuFIDyTbTS8Y4NQuW2SaEQ
.yikm.net/	1970-01-20 20:31:54	Name: __gpi Value: UID=00000bd8007dd529:T=1681818477:RT=1681818477:S=ALNI_MbhV_gQIqBqh7B_tt0iMfZZVSu61w
.doubleclick.net/	1970-01-20 11:10:19	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 11:10:22	Name: DSID Value: NO_DATA
.hm.baidu.com/	1970-01-20 20:46:18	Name: HMACCOUNT_BFESS Value: 6AAF9D53D8C07E14
.playcs.yikm.net/	1970-01-20 19:55:54	Name: Hm_lvt_0ff039a569d6695a2ce69332cd833f32 Value: 1681818480
.playcs.yikm.net/	1969-12-31 23:59:59	Name: Hm_lpvt_0ff039a569d6695a2ce69332cd833f32 Value: 1681818480

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.staticfile.org
fonts.googleapis.com
googleads.g.doubleclick.net
hm.baidu.com
img.1990i.com
pagead2.googlesyndication.com
partner.googleadservices.com
playcs.yikm.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.235.46.191
163.181.56.169
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
61.160.236.93
64.64.249.2
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
075952d834817f3035bbc370388b8ac3761f26a73c266d28ebe81536927f56b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
30c5c0346947fa3f57734e801de2da5895e43565821ea283a6c0b63bef1641fb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
318276e5b21c78666139a288ce749a227cfc9306d8785f223d94648ae811dcc1
32de6a9300cf92e7b9bafb3dd3dfabcec444c72445af64209f674597d8a0a8a0
34a2a91df1ea246a4b9c235a36b39be41aa88900231625a54052830986a8e26f
3e0f4cad38c3a175ba3b40ff9d8d76345b75ab962a448658f7acf0c40d1a3475
422e4cfc07e1b63b3f2baab6d12f7da09dfe423b1baa61fa6dcf98d85f1eb632
471a52e9ddb5b3b9e7d584857d60f65cc3050fcf4add327a9eeb93dee940db4e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c1110a5c13872734b494c7c9b589e30b01b99f779d16aee311ab828cb4e1df6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e51e2b45543acd28b12fa04a3e98708a7524b187162c2dc638198a092924c8d
7764969e552b83982e6388316606211ce35735bcd2dae7b82509fc8c6858a031
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c4dac3aeec35ebe83e584037539b4414022295489192f91412138bc0d8696c7
808f8bc48b32aed870131d6778213ef8243bb9ff73c803ac193da27613f94573
83ac2764b622f72ab8126b194f250075141b7a36bf010326dfbf37bf291100b8
901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
939b80b461069c7bdc26c53119f7239adfdb6c2633ee8be07e52c1e482db24aa
986d16914e407ebf1ea15324d9d9d9b72818264e3c577fe11da2d68497913b74
9ea563b0b868a6978bb3936e7d6588c716d0bf24c7b2445a4b221a4bcddc63b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ae12f731ef7c3815bf41887ddc4d9b0c376c173ab20fb453a1711b1c7981d44e
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
bf007abacad91883025987c075279b565fa51e1990992da742e64d9b464d28ae
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
cc20714fb078dae243e4a4e563fc06ed133efb3ce9836929bb31abcbde1660d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db5307fdda9a09e78038fcdcdc7041672cb97e2b6aced6cdc9fdd25d3601330e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6021642bf72a21003c1478df64d6006d68c7a239f06c26a0a7224fa94186b8f
e719752a773076ca8e3f549032753877c83cafb2a640feb0886d9af24a3b44d3
f2b86ea7fb021e6b7da9cc39318dd778729f975df7c16c46d03fcd7568a959ff
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7b285dad3a08b17accaeb3edda2c0663a7e9fc8a09bd040e80c09b5cc14df2c
fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf
fd4f90e90338539dec46c009508419b26a86094e75670977332b36c0da16a6bf

playcs.yikm.net Open in urlscan Pro 64.64.249.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

69 %IPv6

12 Domains

14 Subdomains

13 IPs

4 Countries

1738 kBTransfer

3168 kBSize

7 Cookies

1 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

playcs.yikm.net Open in urlscan Pro
64.64.249.2 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

69 %
IPv6

12
Domains

14
Subdomains

13
IPs

4
Countries

1738 kB
Transfer

3168 kB
Size

7
Cookies

59 HTTP transactions
0 data transactions