www.trade.tf Open in urlscan Pro
2606:4700:3031::6815:7b6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.trade.tf/
Submission: On January 19 via api (January 19th 2024, 9:20:29 pm UTC) from US — Scanned from US

Summary HTTP 129 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 12 domains to perform 129 HTTP transactions. The main IP is 2606:4700:3031::6815:7b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.trade.tf.
TLS certificate: Issued by E1 on January 2nd 2024. Valid for: 3 months.

This is the only time www.trade.tf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3031::6815:7b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c17::61	15169 (GOOGLE) (GOOGLE)
17	2607:f8b0:400... 2607:f8b0:4004:c0b::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
15	23.40.179.161 23.40.179.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 19	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9b	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c19::5f	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
4 5	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
8	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
129	17

10 2606:4700:3031::6815:7b6 (United States)

ASN13335 (CLOUDFLARENET, US)

www.trade.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4004:c0b::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.40.179.161 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-161.deploy.static.akamaitechnologies.com

steamcdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4004:c1d::9b (Washington, United States) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:820::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81d::2004 (Colchester, United States) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	683 KB
20	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	201 KB
15	akamaihd.net steamcdn-a.akamaihd.net — Cisco Umbrella Rank: 47180	93 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	131 KB
10	trade.tf www.trade.tf	206 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 28	81 KB
5	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	899 B
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	325 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	62 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	160 KB
129	12

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	www.trade.tf pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
15	steamcdn-a.akamaihd.net	www.trade.tf
10	www.trade.tf	www.trade.tf
9	www.gstatic.com	googleads.g.doubleclick.net
8	www.googleadservices.com	googleads.g.doubleclick.net www.trade.tf
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	cdnjs.cloudflare.com	www.trade.tf cdnjs.cloudflare.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	ajax.googleapis.com	www.trade.tf
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.trade.tf www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
129	16

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
backpack.tf
calculator.tf
tf2finance.com
steamcommunity.com
bazaar.tf
www.reddit.com
stntrading.eu
rep.tf
steamrep.com
one-crate-per-week.tumblr.com
www.steampowered.com
getbootstrap.com
fontawesome.com

Subject Issuer	Validity	Valid
trade.tf E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.trade.tf/
Frame ID: C7D6015D9C9CFAD849A4DCCECFC75234
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 3AFC241619287CBD3412A80CEB377014
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&adk=1812271804&adf=3025194257&lmt=1705699222&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l&format=0x0&url=https%3A%2F%2Fwww.trade.tf%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222422&bpp=7&bdt=646&idt=246&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6107269395400&frm=20&pv=2&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: 1B18C652DA3504C4D93EFE0AB236EB27
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=600&slotname=6270017237&adk=2426417292&adf=1334588671&pi=t.ma~as.6270017237&w=160&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=160x600&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222429&bpp=3&bdt=653&idt=317&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1439&ady=462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=325
Frame ID: CA5B67AA03A450F14A396262DE5D002E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=280&slotname=6270017237&adk=784790761&adf=398669345&pi=t.ma~as.6270017237&w=940&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222432&bpp=3&bdt=656&idt=408&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=413
Frame ID: C2741CE8401799B514E6592B740724A5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 31A5AA3B335E09262FA5FFC96F987308
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9571245B8CE5D6E93B61659AE065073D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8B87D091E55A9EF0B3B3BE5D54DDDD8C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E426B991AA73F0A5555D3192EB3BEFF5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E4BD9FDE93B95222662D44CC1E7006A5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D22629C25B99D8DF20993007B2D9D684
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: E73E774F4B216878FCDFE92DAA6B6477
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D29555DF192BBA3A233E1DA111CADF29
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: A092660A7321B430EF03FE054CD48E62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: DF7823A475B346DCBCDFC3FC60FC6A47
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: C156B451E6EA253A1ACB1A3CBBE02F4F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: F1285AB9A4BAF5C7C4888E8B5C06E8FB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 8150830CA08FB386CEAB1B492D3FF0B6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 916804319AA066882184265D7A2F04D3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3340B411B74E22B6DED02610566E5273
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trade.TF - Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

129
Requests

97 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

17
IPs

1
Countries

1964 kB
Transfer

5049 kB
Size

9
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more about cookies, because I'm sure you love seeing this kind of popup

Search URL Search Domain Scan URL

URL: https://backpack.tf/pricelist/spreadsheet
Title: Backpack.tf

Search URL Search Domain Scan URL

URL: https://calculator.tf/
Title: Calculator.tf

Search URL Search Domain Scan URL

URL: http://tf2finance.com/
Title: TF2 Finance

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/groups/trade_tf
Title: Join Trade.tf Steam Group

Search URL Search Domain Scan URL

URL: https://backpack.tf/
Title: backpack.tf

Search URL Search Domain Scan URL

URL: https://bazaar.tf/
Title: bazaar.tf

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/tf2trade/
Title: Reddit tf2trade

Search URL Search Domain Scan URL

URL: https://stntrading.eu/
Title: STN-Trading

Search URL Search Domain Scan URL

URL: https://rep.tf/
Title: Rep.tf

Search URL Search Domain Scan URL

URL: https://steamrep.com/
Title: SteamRep

Search URL Search Domain Scan URL

URL: https://one-crate-per-week.tumblr.com/
Title: One Crate Per Week

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/groups/trade_tf/discussions
Title: Forums

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/groups/trade_tf/discussions/3/
Title: Suggest a feature

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/groups/trade_tf/discussions/
Title: Contact us

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/profiles/76561198003911532/
Title: iKonakona

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/profiles/76561197970267736
Title: Swag [Inc]

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/profiles/76561197960539410
Title: ༺ buddhapest ༻

Search URL Search Domain Scan URL

URL: https://www.steampowered.com/
Title: Powered by Steam

Search URL Search Domain Scan URL

URL: https://backpack.tf/developer/particles
Title: backpack.tf

Search URL Search Domain Scan URL

URL: https://getbootstrap.com/
Title: Bootstrap

Search URL Search Domain Scan URL

URL: https://fontawesome.com/
Title: Font Awesome

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://googleads.g.doubleclick.net/pagead/adview?ai=ChRUtlueqZfbwOr3q0_wP9_aFsAL1o8iNdbXS9v-LErCQHxABIMCBiAJgyYaAgNyjxBCgAZyv-6gCyAECqAMByAPJBKoE9AFP0BwMIDUkQIAPvhGYI0EjjSetsG8EjRRFsOogDTxLQwBYF0qPnzsh_z16BRFPCJ6VA3nvM7NZpaIIrj6MugkEZx0slQ0B7X8xbhORnWxBUGuz5X49JeBUv4zkADNrMDmrEax9kj3-d86rhDIe5H-A0FrHw21tIQNNPzZ69dFraMYn5uxa9WcgBqyjDM1Q19sjJjFiV2cA2ZnncJ6urkvsh2bLOawLqREarXtDpUW0gU0SKmA223EyrDI0UyV1-vftfKPv82kyiezqugCBYiy-A9OACkDLBXu1ngqmGmW7kU3VHlONzaLDy3CRzLrMyeUcBA7wwASs9pr-5gSIBdSC4tRNkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4YQ20ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlio35zisOqDA5oJ6gFodHRwczovL3d3dy5oZXJvLXdhcnMuY29tLz9kZWxheWVkc2lnbnVwPXRydWUmbnhfc291cmNlPWFkeF9hZHdvcmRzZGlzcGxheS5od193Yl91Y18tLmNjLXRpZXIxLmctbS5hLTI1NTQuYXUtcml2YWxzLm9wdC1wdXJjaGFzZTIuY29tLW5ld2FjLmNyLWJhZGNob2ljZThhLmNuLTk3MF8yNTAubHAtZGVsYXllZC5kdC1kaXNwbGF5LmNpZC0yMDg0NzI5Njg1Mi5hZ2lkLTE2NTA4NDA1MjI2OC5jc2QtMjgxMjIzLi2ACgHICwGiDAgqBgoErLqxAtoMEAoKEICFyby828GbDhICAQPYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDA3NjIxMzExMzU5MTMzORgA&sigh=yYOpZFPCYkw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_d7hftyO_1BdoNLp_jVJ7lADu9jsXPcCteKZ7ad7Fgt2vOPhFjUQVHzMpElTrbMQYyMsm5QKWt1pMQgJBiuhg8NcKGRgG5cqWr-kYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3da7ec19563a181d0000000000000000%22,%222%22:%220x5999e537037599210000000000000000%22,%223%22:%220xb0bb75c209733c850000000000000000%22,%224%22:%220xfec729d27d4e2db70000000000000000%22,%225%22:%220x26a2f32e7d5550d80000000000000000%22},%22debug_key%22:%2215556330112215714708%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228513378774024888177%22}&andc=true

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://googleads.g.doubleclick.net/pagead/adview?ai=CRmQ1lueqZb69Od6IoPMP64SwiAijwPiqdf3X_9yTEtiHxcWLDhABIMCBiAJgyYaAgNyjxBCgAcDEs98DyAECqAMByAPJBKoE8QFP0Bv7fKAk22TveCqICGRN_auLkA0Dg7xXJXqh8KvAVwfksGSrsMQsCG-qNmESwH7_64DWqiOxh-ME13iZqLbgjX4xHUYxXZCltWw4mJ0dtHNFpJg_crIS2pw9ROj8MvM2qxeKtqeQSR_KqW8_AYDzwEMl5TRrAVbM3vKEsnccqsY29Uanlmfwhg_UlliIKk7EWcjfjEgmS-g9zsI0RQqn242Ea_8dzDXW63xUokdjlTFjTtNd3GKDDVUfCjK9YxlcuY8kHNd41X7N6b5uld_C2mMdATgOv9SCpsryW6pO2RPLahHVVNTK2Dzu0zSr7tgawASDn_GK4ASIBcXqqqtKkgUECAQYAZIFBAgFGASgBgKAB6i7zCCoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCApgfSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WMe8m-Kw6oMDmglBaHR0cHM6Ly9yZWdpc3Rlci5rb2dnYW1lcy5jb20vZWxzd29yZG9ubGluZT9zaXRlPWdvb2dsZXVzYW5pbWUyLjCACgHICwGiDAgqBgoErLqxAtoMEQoLEODSk5-Lyr-SlAESAgED2BMM0BUBgBcBshccChoIABIUcHViLTQwNzYyMTMxMTM1OTEzMzkYAA&sigh=xUuv0UVdEk4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf__Bg-FN5f95beVqzypQZOran8aRViasek9jIMsFmyK3RwKuEYYBBHemyP2ZFuncD7IdIKom5wxem8v-ed5rqDdxHGmxtHLGRB2xgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0bdb138b475bdb0000000000000000%22,%222%22:%220xbf7965c768b615040000000000000000%22,%223%22:%220x9cfc79be21e0180a0000000000000000%22,%224%22:%220xd379f17688bae5d30000000000000000%22,%225%22:%220xf84249f1e1335e740000000000000000%22},%22debug_key%22:%225375801272350044925%22,%22debug_reporting%22:true,%22destination%22:%22https://koggames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221005380160%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229199175991693337793%22}&andc=true

Request Chain 107

https://googleads.g.doubleclick.net/pagead/adview?ai=C4vkQlueqZb-9Od6IoPMP64SwiAjyve21dYX-2PGiEq7N8NnlQBABIMCBiAJgyYaAgNyjxBCgAanU8toDyAEBqAMByAPLBKoE8wFP0Ko07F5Yk6gXZG1MTMzBNYXagcYQV5sKoYyYvU_Xgsm-tv2uJTxKt5fsyi2q4EVgcsnpvEvEIBlh3uP4BLhUZ2CMh3QHl1jhpcv_9rRjZA3dwpGvKmszcIH1CrI_7WuvMP4JV95e4ew_x3v4A0OrfeaS7gWErStAY7J_AGeKHdLxJUEVJeE5FAK5VB-Eknc6l9KPqq1EH7JvWBCKJUDGop_G_TipEgPfz4gI3tgCOdBqy5J1g_TsL699tygZQeSJThKqPU4sYjF6a-BgEynW2memF2lxJ753-55_ghrcIjTnC0CoZMw206E2PrJ31zRD39XABNmS_IHOBIgFgKi1h02SBQQIBBgBkgUECAUYBIAHv6uNJagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMTxD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpYx7yb4rDqgwOaCR1odHRwczovL3d3dy5icmFuZHNtYXJ0dXNhLmNvbYAKAcgLAaIMCCoGCgSsurEC2gwQCgoQ4JHpubHepu01EgIBA9gTCogUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00MDc2MjEzMTEzNTkxMzM5GAA&sigh=bDm2WyA1UMs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf__Bg-FN5f95beVqzypQZOran8aRViasek9jIMsFmyK3RwKuEYYBBHemyP2ZFuncD7IdIKom5wxem8v-ed5rqDdxHGmxtHLGRB2xgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x32bbf1dfa66b09d70000000000000000%22,%222%22:%220x3a910a25d03ffd810000000000000000%22,%223%22:%220x858bed0b8e4e58330000000000000000%22,%224%22:%220x383fef1f6baaf5530000000000000000%22,%225%22:%220xeabc974f9f4205e60000000000000000%22},%22debug_key%22:%227002517923185613913%22,%22debug_reporting%22:true,%22destination%22:%22https://brandsmartusa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22995928617%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229058871250058886625%22}&andc=true

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=C0KzGlueqZZzjOdTl0_wP1cm4-APpqqSxdMG8kLCNEeWP_MIDEAEgwIGIAmDJhoCA3KPEEKAB_9uKyAPIAQGoAwHIA8sEqgT5AU_QpmoSSeAQqDBCXm9AIGY406AclCShdw27S-1kebUHqdAr2bavpVBVDI-A3m0Dc7LPHa5AfKUia0QlVgXKGBAXzWWNgyRVtdIREZyKra2qGrBHVc4oRps4hEkdq_2xozT4pCRnZ8rkNf0Tu7RVuYN041Ug9ZhlUwXMwB3fDwy7ItCRKhUKmXATKAq58dpIUpSaCaGHAnSfHA_lFfni_dIgdFHVYKX75zHSvCip6rJ6ED4nENo7QKC2QJaFVfLIDFsTJqhxBAqs7DJTZXyQHpdINJLrggDDwj-Se218VHtbjg2VSILu0NCd4HafSiLOOM9gSHsNYEoI3cAEmrPYkMwDiAXbvoSYLJIFBAgEGAGSBQQIBRgEgAfR262iAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEL3bBdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY58qb4rDqgwOaCYoBaHR0cHM6Ly93d3cuZ3JhbW1hcmx5LmNvbS9hP3V0bV9tZWRpdW09Y3BjJnV0bV9zb3VyY2U9Z2RuJnV0bV9jYW1wYWlnbj0xMTg2MTU2NTI3NSZ1dG1fY29udGVudD02NDIzNjI2MTMwNjkmdXRtX3Rlcm09d3d3LnRyYWRlLnRmJmRldmljZT1jgAoByAsB2gwQCgoQ0JGV54_cxahhEgIBA9gTC4gUAdAVAYAXAbIXHAoaCAASFHB1Yi00MDc2MjEzMTEzNTkxMzM5GAA&sigh=63QxTpcw-cY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_aqC9k4-4wqiJCTm2_z-xfx5Fy2zjALFKE04OlbelOpOgRTIrlOeSRiSGx_VD7pftpT_b7e0EMMLY-h_rUhAgiG5Mnni7x3v24GwYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc792fb3ca8270cc0000000000000000%22,%222%22:%220xe657f7a5f2954d170000000000000000%22,%223%22:%220x33f56bce77df10380000000000000000%22,%224%22:%220xdfff109d5a79ebc90000000000000000%22,%225%22:%220xd94b17f4d276b4c30000000000000000%22},%22debug_key%22:%221414790328753953439%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225224734907819616657%22}&andc=true

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

129 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.trade.tf/ 30 KB
7 KB 554ms
242ms Document
text/html 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d67cf6d8761c0e509eea047f2bab73bc2b2361cbe95a806f0a4e9bb7e93903

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84821f06a97e4974-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 21:20:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvkqpTgZ5LJ5W0iTXqi7MQpGGGENRdNddUFdQ%2B1pedEomCmC8kt6PGCRCpRxAte9Ugu%2FtWsBYvYs5B5o8gO4ebIgK2KhUzYaDulPQkmwS2%2FgTikwc16iv5QQ%2B0GreNu6rgjZxWux4dXjvOw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 slate.min.css
www.trade.tf/static/bootstrap/css/ 127 KB
20 KB 267ms
262ms Stylesheet
text/css 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trade.tf/static/bootstrap/css/slate.min.css
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daf05b85df73e0361ce7c486d0c8e4e9ee2a87135ff13da6ef3183230e89d28a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 28 Dec 2017 19:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a454828-1fc9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO2i5epknwdzLKRRWKPNOr4Oaxucgx%2FoTWt995VjpLPW7xSQZ%2BXvoNJ67mEU%2BobTzNBagOMyQp%2BCHeHNgJkBRAccNMMqlg971umD81GKye51RR384g5vpVksDUC1brM4rGh4z7KJFYMsbA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 84821f083bec4974-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 18 Feb 2024 21:20:21 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/ 22 KB
4 KB 121ms
42ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1214183
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3555
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrjxeCPo27j6WElILbtHkrSejui8CiN4NbVuAB6R8bzRO%2BRSl%2Fvm28C2w2lGQpAcyJvA1alRkKs0F0%2BH7fkQGOaKs1ylk1ijJ0vBxZOKdkBdYGjMN0js1jTkrtjgmkQjthMfluoUjxcNjBxLHsXMW1bQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84821f08bbec6dda-MIA
expires: Wed, 08 Jan 2025 21:20:21 GMT

GET
H2 200 dealstf.css
www.trade.tf/static/css/ 38 KB
7 KB 48ms
44ms Stylesheet
text/css 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trade.tf/static/css/dealstf.css?v=1158e2e13894f1369179e77b29fd99dc
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1870914d241976837c4cf1cc02d03d2d809d19b36dfbe4654c2ebba4ea37fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 15:48:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 178210
etag: W/"65a553ca-9837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghFhLuDdrhFEQqgeROFmb7iI82BKZMhbRkB12wYRMepJa8T6wZ%2BIvZlLO9X%2BGcdIfK9gOTTTPHpL5EYFgFn55275eiioyk%2BiIbmWwX6xB7kJzUZ47Xe4xfHQ4lLdKlSDWpcOr4kBUe%2BF284%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 84821f083bed4974-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 16 Feb 2024 19:50:11 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 161ms
81ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jznRy4Zr7Ag50rhek1WzkRgPUgHRJzfQYxfDeZ7w6xjI%2FsVM1LPNL%2FoN%2B12Dh%2B4K%2FHOiVtJn2MNLP1QG5UsGi%2FdztY6pNcFQ382U1G5nXKoN%2BSB13ZsrCrWErvgi%2FunaED6GrzWK8W05W0dO3RKdDnWD"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84821f08bbe86dda-MIA
expires: Wed, 08 Jan 2025 21:20:21 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 122ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5739920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uIdpBzz8H7PlwdFcbYWS41Ulty6c81XqT5VOS6R46MuSTa%2BAgqquTPay6I92zuPoAsaSiSOFuvvCtZc5WSjJ%2Bcg%2FRWtsVi55e0IUK8t1CZ7rYchzE1eoaveAPqaUrcco1cTW9am62g1%2BABODhii6uhw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84821f08bbee6dda-MIA
expires: Wed, 08 Jan 2025 21:20:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 213ms
85ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113015528-1

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7910a51a82fc1e1dd8546981b72cc66ac2755725d8a25d529c23c0b71c5b5169

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jan 2024 21:20:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 220ms
93ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52a823d5b5f84e0b155d06eaef9870f69066ea636604e9ac9b5a325290cb6e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51590
x-xss-protection: 0
server: cafe
etag: 17946771224407293576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 19 Jan 2024 21:20:22 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.2.27/ 105 KB
39 KB 190ms
63ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.2.27/angular.min.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

518c6c0658bec1cf1c1ecd52570d2161fde5950954c0bb8a9d18a2df4dc8be4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:20:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40236
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:20:33 GMT

GET
H2 200 angular-animate.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.2.27/ 11 KB
5 KB 186ms
60ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.2.27/angular-animate.min.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cb917e3a229afc9ff9d7213791f72df91e26b4712a601b0ffe848eb34e9abae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4448
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 21:20:21 GMT

GET
H2 200 steam.png
www.trade.tf/static/img/ 5 KB
5 KB 46ms
43ms Image
image/png 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trade.tf/static/img/steam.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ebcdfa3017de021ad7fb7198717178c8a79e69b0f38aa2bb455a020e60b41c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178210
alt-svc: h3=":443"; ma=86400
content-length: 4847
last-modified: Thu, 28 Dec 2017 19:38:16 GMT
server: cloudflare
etag: "5a454828-12ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0QkE%2FP2BFgADpH7Pn%2BUYg4uwVi%2BgVNos2nElj72ORyGx2hAoD8BuJEro280saV98n0uPczoUHgX2r7I4mfeOLKH6Q78oCHW4tm4x7gDm0NGXwnqgK5IDBvLkjhah4zuDy91497lngfrhAI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 84821f084bef4974-MIA
expires: Fri, 16 Feb 2024 19:50:11 GMT

GET
H2 200 mvm_ticket.174c8f33d98ff44117cce8ed73a689bbd2328281.png
steamcdn-a.akamaihd.net/apps/440/icons/ 10 KB
10 KB 274ms
75ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/mvm_ticket.174c8f33d98ff44117cce8ed73a689bbd2328281.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cafba9bd21c8f8c31cb6eb55f0c29a6b6afe26272fec3b6ba2e343e95c5d46a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:18:59 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "59ea6843-2847"
content-type: image/png
cache-control: public, max-age=314083142
accept-ranges: bytes
content-length: 10311
expires: Mon, 02 Jan 2034 02:39:24 GMT

GET
H2 200 key.be0a5e2cda3a039132c35b67319829d785e50352.png
steamcdn-a.akamaihd.net/apps/440/icons/ 6 KB
6 KB 229ms
78ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/key.be0a5e2cda3a039132c35b67319829d785e50352.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ca7f8c61cf9109d6421ac472d3d16cc65d0b4f8557062c69cc75f7ec927e7330

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:18:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "59ea683f-1625"
content-type: image/png
cache-control: public, max-age=313993581
accept-ranges: bytes
content-length: 5669
expires: Sun, 01 Jan 2034 01:46:43 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 67ms
59ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 20:11:24 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/js/ 28 KB
7 KB 50ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/js/bootstrap.min.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3875150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6700
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-6fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PdXW%2FcNOmvAuRc6%2FLQVVfD022ZJhaTvChuu4f517jHssAbwh5j20bnOg0gVvB%2FjYk0TdJAtuLPc38O%2BOHZpyILGwRacbrLjbezrbRCRzqlnmwnnd%2B9PNvU4VC8F5A3lt5a5zY5F3KHlXrrUSencqEtR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84821f0a1d826dda-MIA
expires: Wed, 08 Jan 2025 21:20:22 GMT

GET
H3 200 globals.js Show response
www.trade.tf/static/js/ 151 KB
45 KB 85ms
84ms Script
application/javascript 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trade.tf/static/js/globals.js?v=656b50305d095afa0445e243b426dcf9
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d888f2002c589f694e31873f974324ddccff9c3acc0dba35792144ce5c5e2965

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 01:06:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 773624
etag: W/"659ded9e-25aa6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stzk2H8JrHj7rIeKHS7mGNSRo1RbiN41jrShHwQOhs6SkvH%2Br3%2Bnjvqk8FBdFIWN%2Bcs2IXW7cmaD%2FkeUHqWZl7nRkuc3H%2BJ6LMCh0XpzWXwdu7Gsu7Zk4VqlyQBa0yl3xkHH4NdEXOLbOKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 84821f0a0d3b5c69-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 09 Feb 2024 22:26:38 GMT

GET
H3 200 tradetf.js Show response
www.trade.tf/static/js/ 6 KB
2 KB 120ms
119ms Script
application/javascript 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.trade.tf/static/js/tradetf.js?v=949f3c9a7225e25dcaea9c5751ca1b58
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec5f169c1fd3e7e173dd916e16142c95740686e5f1ef4fc27aac740b7526df3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2017 19:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1449022
etag: W/"5a454828-16c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EB7Rk8%2FjRWoRHmI%2FIRZ7M0phRbKJOpiNLZ%2Fm%2F4tAAqdjmsOJVSo0axN4ti1P5HexTtEoWMVHy8Fy1bPDYFNyhAXv1j9FCX0zYjlRbzT%2B1TdX8JDwxnYK%2Bm5wUh4zQq%2BPbUYZyHPJjQVDrPs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 84821f0a0d3e5c69-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 02:50:00 GMT

GET
H3 200 trade-logo.png
www.trade.tf/static/img/ 2 KB
2 KB 120ms
120ms Image
image/png 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trade.tf/static/img/trade-logo.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/static/css/dealstf.css?v=1158e2e13894f1369179e77b29fd99dc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a179272b1532b5d0ab551004e01d698d9a84a6aa96f8fc7b466fdbb49a94f5a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/static/css/dealstf.css?v=1158e2e13894f1369179e77b29fd99dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1731823
alt-svc: h3=":443"; ma=86400
content-length: 1793
last-modified: Thu, 28 Dec 2017 19:38:16 GMT
server: cloudflare
etag: "5a454828-701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L02woG2RKFW4e%2BKOVrXYv4pqHCFVb8TFr01ZjrohDEhlcXW1oQW0V%2FACuoBjZ0llSTd5IctW3mEiK9%2FtLFTH4qO2WGUPhZ9zs1rpfVI1rK%2FzhHKt%2FV5jaYIGjJf7zpR%2FrkYObPSdjDzq0GA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 84821f0a1d465c69-MIA
expires: Mon, 29 Jan 2024 20:16:39 GMT

GET
H3 200 engi_store_432_434E50.jpg
www.trade.tf/static/img/ 104 KB
104 KB 47ms
46ms Image
image/jpeg 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trade.tf/static/img/engi_store_432_434E50.jpg
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/static/css/dealstf.css?v=1158e2e13894f1369179e77b29fd99dc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d89922dac3b2e4a94617d95927549b79c65a12188423b4cbfa4d4729a66838a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/static/css/dealstf.css?v=1158e2e13894f1369179e77b29fd99dc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1637188
alt-svc: h3=":443"; ma=86400
content-length: 106137
last-modified: Thu, 28 Dec 2017 19:38:16 GMT
server: cloudflare
etag: "5a454828-19e99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYel4Rj3GJEM2jz7NfhlcIRmBgFaL4%2FycFIEQ17OyJHziSVH6TlUn%2BTmEgD0%2FWnFigMhwjkKU0kx7%2FG59wNWjHMrVKV02%2Bb4htQAX3SYQvcaIrdkiJcXly9E4z55hcntVs%2FTf1jY1Jk6GIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 84821f0a1d4a5c69-MIA
expires: Tue, 30 Jan 2024 22:33:54 GMT

GET
H3 200 fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/font/ 43 KB
43 KB 78ms
42ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/font/fontawesome-webfont.woff?v=3.2.1

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97aa2b34732c852c83a87a12c82d2231892fb82470f53271cdd612587b12bb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css
Origin: https://www.trade.tf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 739091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 43576
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-aa34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58h4QEP3NXEqdjKQQwRw0QtwxrLqXkNNuM64OdH0FC%2BindFlYoIyr9JnAp%2Bism089cHsGuKuyfWQ0B2nzkQ6MqhelBQxwYgztm0kQ7bZ4RcIhNPIs%2BfLHNFxoyf%2FS7%2FaDiICRn1XVmLzeC2D%2BYJGhxw9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84821f0a4ed07498-MIA
expires: Wed, 08 Jan 2025 21:20:22 GMT

GET
H2 200 c_pickaxe.eda38e0c44a0a13cfbc8089d699e369dde3b65f6.png
steamcdn-a.akamaihd.net/apps/440/icons/ 4 KB
4 KB 104ms
100ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/c_pickaxe.eda38e0c44a0a13cfbc8089d699e369dde3b65f6.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 67cf9d45d8e56e929fca5c04b19d3978aa635ccdd565217f68555092b82b67ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:08:41 GMT
server: nginx
etag: "59ea65d9-e78"
content-type: image/png
cache-control: public, max-age=314654979
accept-ranges: bytes
content-length: 3704
expires: Sun, 08 Jan 2034 17:30:01 GMT

GET
H2 200 pile_of_junk3.6f7e42fae0507065287c7b5c51aa05c2420161ba.png
steamcdn-a.akamaihd.net/apps/440/icons/ 10 KB
10 KB 105ms
102ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/pile_of_junk3.6f7e42fae0507065287c7b5c51aa05c2420161ba.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c27f15b93735a79566c424c2fc8d881c2b88e9df031621d8dc791f6f8701ef6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:19:02 GMT
server: nginx
etag: "59ea6846-26b0"
content-type: image/png
cache-control: public, max-age=315078807
accept-ranges: bytes
content-length: 9904
expires: Fri, 13 Jan 2034 15:13:49 GMT

GET
H2 200 earbuds.5816fc8fd4e6be4bd274b050fab0526d13bfe7b3.png
steamcdn-a.akamaihd.net/apps/440/icons/ 2 KB
2 KB 133ms
130ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/earbuds.5816fc8fd4e6be4bd274b050fab0526d13bfe7b3.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15a9c499d86f4844d0e2cd387d3dd88e1c3735c902673f0762beaaf1480c9ddc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:08:50 GMT
server: nginx
etag: "59ea65e2-76a"
content-type: image/png
cache-control: public, max-age=313634303
accept-ranges: bytes
content-length: 1898
expires: Tue, 27 Dec 2033 21:58:45 GMT

GET
H2 200 knife_shield.d32ee782841ae325c17664770e41a3dc388a227a.png
steamcdn-a.akamaihd.net/apps/440/icons/ 9 KB
9 KB 120ms
117ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/knife_shield.d32ee782841ae325c17664770e41a3dc388a227a.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 951aa021e9f474890ed99ac351a517943b153aabe3872d8d80d441ddefff0624

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:18:56 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "59ea6840-2381"
content-type: image/png
cache-control: public, max-age=315255246
accept-ranges: bytes
content-length: 9089
expires: Sun, 15 Jan 2034 16:14:28 GMT

GET
H2 200 disco_fever.c37411bd2ebf7d31836745ebefc65feb807a3f4e.png
steamcdn-a.akamaihd.net/apps/440/icons/ 6 KB
6 KB 108ms
105ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/disco_fever.c37411bd2ebf7d31836745ebefc65feb807a3f4e.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 82306dc4e66c96d254282f864ada3466f081b6ea21ef90c83657f4529d806e27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 08 Jul 2016 00:06:57 GMT
server: nginx
etag: "577eeea1-185d"
content-type: image/png
cache-control: public, max-age=313939783
accept-ranges: bytes
content-length: 6237
expires: Sat, 31 Dec 2033 10:50:05 GMT

GET
H3 200 Flame%20Thrower.png
www.trade.tf/static/img/440/australium/128/ 10 KB
11 KB 195ms
193ms Image
image/png 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trade.tf/static/img/440/australium/128/Flame%20Thrower.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aebdf62672da67c3427908d34b03431aa9dcdd125adf3ced02dc693ee6dc89e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Dec 2017 19:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5a454828-281c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWN38avWIPTyOOy4o%2FKlM5WL2pc0LXvZMiCcladJC4MM%2FcnxMEhwdscCamowBcOfrLi6HjLou9Uf202T05yfei0BmuBlhoqDLzGOt4xprwDOshLW%2FUydKColNsCI2gMHjNl0LFaYf3kNW4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 84821f0b4f315c69-MIA
alt-svc: h3=":443"; ma=86400
content-length: 10268
expires: Sun, 18 Feb 2024 21:20:22 GMT

GET
H2 200 c_dex_arm.e35f4aa351fd9f154ff53dbdfe6afe04eace9c19.png
steamcdn-a.akamaihd.net/apps/440/icons/ 7 KB
7 KB 112ms
110ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/c_dex_arm.e35f4aa351fd9f154ff53dbdfe6afe04eace9c19.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 303975a8c50f7d21403d170dcbca826784fcd9d8943100a6e23c32bb8963775f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:08:39 GMT
server: nginx
etag: "59ea65d7-1bba"
content-type: image/png
cache-control: public, max-age=315258377
accept-ranges: bytes
content-length: 7098
expires: Sun, 15 Jan 2034 17:06:39 GMT

GET
H2 200 c_russian_riot.dc3602ef56c25c1220a729e443e126d1b0d4a8c5.png
steamcdn-a.akamaihd.net/apps/440/icons/ 4 KB
4 KB 117ms
115ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/c_russian_riot.dc3602ef56c25c1220a729e443e126d1b0d4a8c5.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3a2f2b9547a70ee2dd2a8aa071d62f1e1dc33c042a129dc1c6a5bb05bb6f95d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:08:42 GMT
server: nginx
etag: "59ea65da-f7e"
content-type: image/png
cache-control: public, max-age=315258425
accept-ranges: bytes
content-length: 3966
expires: Sun, 15 Jan 2034 17:07:27 GMT

GET
H2 200 c_tomislav.63b27a0a5c67654fd012428ea06236be9ace35e9.png
steamcdn-a.akamaihd.net/apps/440/icons/ 7 KB
7 KB 114ms
112ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/c_tomislav.63b27a0a5c67654fd012428ea06236be9ace35e9.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 887d1c436fde0c833b411997660080f321868123daa9c5138b4dade31b0cc410

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Fri, 20 Oct 2017 21:08:44 GMT
server: nginx
etag: "59ea65dc-1d2b"
content-type: image/png
cache-control: public, max-age=314006822
accept-ranges: bytes
content-length: 7467
expires: Sun, 01 Jan 2034 05:27:24 GMT

GET
H2 200 c_dex_sniperrifle.81e976fb35c261054d3537c3d74d7559a4dac397.png
steamcdn-a.akamaihd.net/apps/440/icons/ 5 KB
5 KB 109ms
108ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/c_dex_sniperrifle.81e976fb35c261054d3537c3d74d7559a4dac397.png
Requested by: Host: www.trade.tf
URL: https://www.trade.tf/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cacb6c284c3f25344eeb2defdde16d679624451996aa3fe8a7adae92dc2d0d7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
last-modified: Wed, 07 Oct 2015 00:41:26 GMT
server: nginx
etag: "56146a36-140f"
content-type: image/png
cache-control: public, max-age=315255238
accept-ranges: bytes
content-length: 5135
expires: Sun, 15 Jan 2034 16:14:20 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 402 KB
136 KB 112ms
111ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10e99aecf6203286f7eced9c2e3f0a0f79515161048acc88703c8a1689b84eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139587
x-xss-protection: 0
server: cafe
etag: 11339921433502012018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 3AFC 9 KB
4 KB 198ms
66ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:48:27 GMT
etag: 9219409622527106327
expires: Fri, 02 Feb 2024 13:48:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 89ms
88ms Script
application/javascript 2607:f8b0:4004:c17::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DNWGQF789W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113015528-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

957ba3d011c26237204cc699388f2a515274e031c5bd87f7d302f610d115a74e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Jan 2024 21:20:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 442ms
58ms Script
text/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113015528-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 Jan 2024 19:59:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4843
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 19 Jan 2024 21:59:39 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1B18 526 KB
101 KB 782ms
778ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&adk=1812271804&adf=3025194257&lmt=1705699222&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l&format=0x0&url=https%3A%2F%2Fwww.trade.tf%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222422&bpp=7&bdt=646&idt=246&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6107269395400&frm=20&pv=2&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc55a512d324d3a696078ab55aa6f919f284b15169ca30e74afa80fdf48e419c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 103114
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:23 GMT
expires: Fri, 19 Jan 2024 21:20:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 115ms
114ms Image
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=trade_tf_navbar&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA5B 130 KB
43 KB 631ms
630ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=600&slotname=6270017237&adk=2426417292&adf=1334588671&pi=t.ma~as.6270017237&w=160&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=160x600&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222429&bpp=3&bdt=653&idt=317&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1439&ady=462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=325

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f1d64384d4281692b8288d9c7b12c437c8c68f0ed524cbffa961183af79900b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43827
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:23 GMT
expires: Fri, 19 Jan 2024 21:20:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
160 B 177ms
115ms Ping
text/plain 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DNWGQF789W&gtm=45je41h0v9100353369&_p=1705699222058&gcd=11l1l1l1l1&dma=0&cid=141220164.1705699223&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705699222&sct=1&seg=0&dl=https%3A%2F%2Fwww.trade.tf%2F&dt=Trade.TF%20-%20Home&en=page_view&_fv=1&_ss=1&tfd=1622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DNWGQF789W&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trade.tf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C274 103 KB
39 KB 898ms
897ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=280&slotname=6270017237&adk=784790761&adf=398669345&pi=t.ma~as.6270017237&w=940&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222432&bpp=3&bdt=656&idt=408&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=413

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18fcc906bc39c7a49f4b3e3b4575dbc86817e956716f08cb967c96247f7c31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39375
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:23 GMT
expires: Fri, 19 Jan 2024 21:20:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 67ms
65ms XHR
text/plain 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=747198708&t=pageview&_s=1&dl=https%3A%2F%2Fwww.trade.tf%2F&ul=en-us&de=UTF-8&dt=Trade.TF%20-%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1376073750&gjid=2130386130&cid=141220164.1705699223&tid=UA-113015528-1&_gid=1338597320.1705699223&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=936818141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trade.tf/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trade.tf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 355ms
69ms XHR
text/plain 2607:f8b0:4004:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-113015528-1&cid=141220164.1705699223&jid=1376073750&gjid=2130386130&_gid=1338597320.1705699223&_u=YADAAUAAAAAAACAAI~&z=607349521

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.trade.tf/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 Jan 2024 21:20:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.trade.tf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame CA5B 9 KB
4 KB 426ms
63ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=600&slotname=6270017237&adk=2426417292&adf=1334588671&pi=t.ma~as.6270017237&w=160&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=160x600&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222429&bpp=3&bdt=653&idt=317&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1439&ady=462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=325

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:31:32 GMT

GET
H2 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame CA5B 11 KB
5 KB 420ms
58ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:19:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:19:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CA5B 14 KB
2 KB 429ms
79ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 21:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 20:11:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 21:20:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CA5B 2 KB
903 B 109ms
94ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame CA5B 23 KB
9 KB 85ms
79ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CA5B 3 KB
1 KB 88ms
83ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame CA5B 20 KB
9 KB 370ms
71ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA5B 206 KB
66 KB 360ms
61ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:23 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame CA5B 37 KB
15 KB 64ms
59ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:13:51 GMT

GET
H2 200 11165646953868668903
tpc.googlesyndication.com/simgad/ Frame C274 105 KB
105 KB 159ms
138ms Image
image/png 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11165646953868668903?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk_z0-4mYb6kFA6CaaXeVLXKroxrg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=280&slotname=6270017237&adk=784790761&adf=398669345&pi=t.ma~as.6270017237&w=940&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222432&bpp=3&bdt=656&idt=408&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8b7b245e7262218d4538b19885a64b081576f07b03ea51bffba8c56df8b460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 18:33:30 GMT
x-content-type-options: nosniff
age: 442013
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107528
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 15:14:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Jan 2025 18:33:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame C274 23 KB
9 KB 102ms
82ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C274 3 KB
1 KB 184ms
164ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C274 20 KB
8 KB 91ms
72ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C274 206 KB
65 KB 182ms
161ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame C274 36 KB
15 KB 185ms
165ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/ 162 KB
55 KB 90ms
88ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20e85cee4c73000e0f9e0e3a78c26545b87cbb9d0a47382427e1070274826540

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56364
x-xss-protection: 0
server: cafe
etag: 10202209526529794295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31A5 143 B
166 B 62ms
61ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=280&slotname=6270017237&adk=784790761&adf=398669345&pi=t.ma~as.6270017237&w=940&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=940x280&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222432&bpp=3&bdt=656&idt=408&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=575&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 20:37:09 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11036997108986828905
tpc.googlesyndication.com/simgad/ Frame CA5B 3 KB
3 KB 77ms
77ms Image
image/png 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11036997108986828905?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c64ed3a67221afbf3f21495b8b1e55f2315207cbce5ad711b671650d854f4c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:31:10 GMT
date: Fri, 19 Jan 2024 13:31:10 GMT
x-content-type-options: nosniff
age: 28154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2947
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 19:35:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame C274 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca16ded22f5c6b2fca8de062fa86b2bb50ba9f37f8d4c4f40adbcecf6b3864ee

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9571 143 B
166 B 63ms
62ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076213113591339&output=html&h=600&slotname=6270017237&adk=2426417292&adf=1334588671&pi=t.ma~as.6270017237&w=160&fwrn=4&fwrnh=100&lmt=1705699222&rafmt=1&format=160x600&url=https%3A%2F%2Fwww.trade.tf%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705699222429&bpp=3&bdt=653&idt=317&shv=r20240118&mjsv=m202401160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6107269395400&frm=20&pv=1&ga_vid=141220164.1705699223&ga_sid=1705699223&ga_hid=747198708&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1439&ady=462&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95320239%2C44759875%2C44759926%2C44795921%2C95320890%2C95321626%2C95321862%2C95322163&oid=2&pvsid=1610472755000211&tmod=971595744&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=325
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 20:37:09 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CA5B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e15c385bbc95be117a93a41082312cc2be10812628f4655060f68f2249ee08f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 31A5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

69ms
67ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:24 GMT
expires: Fri, 19 Jan 2024 21:20:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame 8B87 9 KB
4 KB 61ms
60ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:47:29 GMT
etag: 9219409622527106327
expires: Fri, 02 Feb 2024 13:47:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame E426 9 KB
4 KB 61ms
60ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:47:29 GMT
etag: 9219409622527106327
expires: Fri, 02 Feb 2024 13:47:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/ Frame E4BD 9 KB
4 KB 63ms
63ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 27175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:47:29 GMT
etag: 9219409622527106327
expires: Fri, 02 Feb 2024 13:47:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CA5B 33 KB
34 KB 200ms
65ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:08 GMT
x-content-type-options: nosniff
age: 29056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:16:08 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C274
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChRUtlueqZfbwOr3q0_wP9_aFsAL1o8iNdbXS9v-LErCQHxABIMCBiAJgyYaAgNyjxBCgAZyv-6gCyAECqAMByAPJBKoE9AFP0BwMIDUkQIAPvhGYI0EjjSetsG8EjRRFsOogDTxLQwBYF0q...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3da7ec19563a181d0000000000000000%22,%222%22:%220x5999e537037599210000000000000000%22,%223%22:%220xb0bb75...

0
0

545ms
119ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3da7ec19563a181d0000000000000000%22,%222%22:%220x5999e537037599210000000000000000%22,%223%22:%220xb0bb75c209733c850000000000000000%22,%224%22:%220xfec729d27d4e2db70000000000000000%22,%225%22:%220x26a2f32e7d5550d80000000000000000%22},%22debug_key%22:%2215556330112215714708%22,%22debug_reporting%22:true,%22destination%22:%22https://hero-wars.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22622778268%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228513378774024888177%22}&andc=true

Requested by

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3da7ec19563a181d0000000000000000","2":"0x5999e537037599210000000000000000","3":"0xb0bb75c209733c850000000000000000","4":"0xfec729d27d4e2db70000000000000000","5":"0x26a2f32e7d5550d80000000000000000"},"debug_key":"15556330112215714708","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"8513378774024888177"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 21:20:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 21:20:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3da7ec19563a181d0000000000000000","2":"0x5999e537037599210000000000000000","3":"0xb0bb75c209733c850000000000000000","4":"0xfec729d27d4e2db70000000000000000","5":"0x26a2f32e7d5550d80000000000000000"},"debug_key":"15556330112215714708","debug_reporting":true,"destination":"https://hero-wars.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["622778268"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"8513378774024888177"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8B87 4 KB
767 B 69ms
68ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 20:04:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8B87 205 B
229 B 60ms
59ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:40:53 GMT
x-content-type-options: nosniff
age: 20371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 15:40:53 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8B87 604 B
628 B 60ms
60ms Image
image/png 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 17:29:01 GMT
x-content-type-options: nosniff
age: 13883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 17:29:01 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 8B87 16 KB
7 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 13:31:49 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 8B87 22 KB
9 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 13:40:47 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E426 23 KB
9 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D226 143 B
166 B 61ms
60ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 20:37:09 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E426 3 KB
1 KB 86ms
85ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E426 20 KB
8 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H3 200 3171453192159423035
tpc.googlesyndication.com/simgad/ Frame E426 55 KB
55 KB 84ms
84ms Image
image/png 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3171453192159423035?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnOukS8Y92xZEaUpkHssMomP1RpXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1be67bd50214d64bca913cdb60d892a3fa3878fe096cfb4c542576c672590c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:20:25 GMT
x-content-type-options: nosniff
age: 28799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55962
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 00:23:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 18 Jan 2025 13:20:25 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E426 206 KB
65 KB 66ms
65ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E426 36 KB
14 KB 126ms
125ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14790
x-xss-protection: 0
server: cafe
etag: 14910708302111541132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame E4BD 9 KB
4 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:31:32 GMT

GET
H3 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame E4BD 11 KB
5 KB 60ms
59ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 00:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:11:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E4BD 14 KB
1 KB 73ms
72ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 19:21:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E4BD 2 KB
822 B 123ms
122ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E4BD 23 KB
9 KB 123ms
123ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E4BD 3 KB
1 KB 132ms
132ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E4BD 20 KB
8 KB 75ms
75ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E4BD 206 KB
65 KB 111ms
110ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame E4BD 37 KB
15 KB 75ms
75ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:13:51 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9571
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
73ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:24 GMT
expires: Fri, 19 Jan 2024 21:20:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 337ms
115ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 21:20:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame E73E 2 KB
553 B 68ms
66ms Stylesheet
text/css 2607:f8b0:4004:c19::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 20:07:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E73E 2 KB
822 B 95ms
95ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 18:28:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame E73E 23 KB
9 KB 90ms
84ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E73E 3 KB
1 KB 92ms
86ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame E73E 20 KB
8 KB 72ms
66ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 05:04:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58582
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 05:04:02 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E73E 206 KB
65 KB 99ms
94ms Script
text/javascript 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 21:20:24 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame E73E 37 KB
15 KB 65ms
60ms Script
text/javascript 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 20:13:51 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12004925240214649021/ Frame E4BD 2 KB
2 KB 69ms
68ms Image
image/jpeg 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12004925240214649021/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9626f37f05e0edd9c5aeb651564ec5661f7ab58ce74f6d4af99fbc69d64cc59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 15:25:23 GMT
date: Fri, 19 Jan 2024 15:25:23 GMT
x-content-type-options: nosniff
age: 21301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2317
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 19:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D295 143 B
166 B 71ms
60ms Document
text/html 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 20:37:09 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E4BD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3eaa54443a56a1891d735540f7f7b9f901a5b98beec3e2393fa28c3824cbb644

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E426 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc055a1edcd53c5bab578c3cdba71ffc3c83bf968552e81e509dbd108973a503

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E4BD 33 KB
33 KB 65ms
63ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:08 GMT
x-content-type-options: nosniff
age: 29056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:16:08 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D226
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

73ms
72ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:25 GMT
expires: Fri, 19 Jan 2024 21:20:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame A092 50 KB
19 KB 59ms
58ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:11:08 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E426
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRmQ1lueqZb69Od6IoPMP64SwiAijwPiqdf3X_9yTEtiHxcWLDhABIMCBiAJgyYaAgNyjxBCgAcDEs98DyAECqAMByAPJBKoE8QFP0Bv7fKAk22TveCqICGRN_auLkA0Dg7xXJXqh8KvAVwf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0bdb138b475bdb0000000000000000%22,%222%22:%220xbf7965c768b615040000000000000000%22,%223%22:%220x9cfc79b...

0
0

121ms
120ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0bdb138b475bdb0000000000000000%22,%222%22:%220xbf7965c768b615040000000000000000%22,%223%22:%220x9cfc79be21e0180a0000000000000000%22,%224%22:%220xd379f17688bae5d30000000000000000%22,%225%22:%220xf84249f1e1335e740000000000000000%22},%22debug_key%22:%225375801272350044925%22,%22debug_reporting%22:true,%22destination%22:%22https://koggames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221005380160%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229199175991693337793%22}&andc=true

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf0bdb138b475bdb0000000000000000","2":"0xbf7965c768b615040000000000000000","3":"0x9cfc79be21e0180a0000000000000000","4":"0xd379f17688bae5d30000000000000000","5":"0xf84249f1e1335e740000000000000000"},"debug_key":"5375801272350044925","debug_reporting":true,"destination":"https://koggames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1005380160"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"9199175991693337793"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 21:20:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf0bdb138b475bdb0000000000000000","2":"0xbf7965c768b615040000000000000000","3":"0x9cfc79be21e0180a0000000000000000","4":"0xd379f17688bae5d30000000000000000","5":"0xf84249f1e1335e740000000000000000"},"debug_key":"5375801272350044925","debug_reporting":true,"destination":"https://koggames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1005380160"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"9199175991693337793"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame DF78 50 KB
19 KB 60ms
58ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:11:08 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame C156 50 KB
19 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:11:08 GMT

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E4BD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4vkQlueqZb-9Od6IoPMP64SwiAjyve21dYX-2PGiEq7N8NnlQBABIMCBiAJgyYaAgNyjxBCgAanU8toDyAEBqAMByAPLBKoE8wFP0Ko07F5Yk6gXZG1MTMzBNYXagcYQV5sKoYyYvU_Xgsm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x32bbf1dfa66b09d70000000000000000%22,%222%22:%220x3a910a25d03ffd810000000000000000%22,%223%22:%220x858bed...

0
0

120ms
115ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x32bbf1dfa66b09d70000000000000000%22,%222%22:%220x3a910a25d03ffd810000000000000000%22,%223%22:%220x858bed0b8e4e58330000000000000000%22,%224%22:%220x383fef1f6baaf5530000000000000000%22,%225%22:%220xeabc974f9f4205e60000000000000000%22},%22debug_key%22:%227002517923185613913%22,%22debug_reporting%22:true,%22destination%22:%22https://brandsmartusa.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22995928617%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229058871250058886625%22}&andc=true

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x32bbf1dfa66b09d70000000000000000","2":"0x3a910a25d03ffd810000000000000000","3":"0x858bed0b8e4e58330000000000000000","4":"0x383fef1f6baaf5530000000000000000","5":"0xeabc974f9f4205e60000000000000000"},"debug_key":"7002517923185613913","debug_reporting":true,"destination":"https://brandsmartusa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["995928617"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"9058871250058886625"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 21:20:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x32bbf1dfa66b09d70000000000000000","2":"0x3a910a25d03ffd810000000000000000","3":"0x858bed0b8e4e58330000000000000000","4":"0x383fef1f6baaf5530000000000000000","5":"0xeabc974f9f4205e60000000000000000"},"debug_key":"7002517923185613913","debug_reporting":true,"destination":"https://brandsmartusa.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["995928617"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"9058871250058886625"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CA5B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0KzGlueqZZzjOdTl0_wP1cm4-APpqqSxdMG8kLCNEeWP_MIDEAEgwIGIAmDJhoCA3KPEEKAB_9uKyAPIAQGoAwHIA8sEqgT5AU_QpmoSSeAQqDBCXm9AIGY406AclCShdw27S-1kebUHqdA...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc792fb3ca8270cc0000000000000000%22,%222%22:%220xe657f7a5f2954d170000000000000000%22,%223%22:%220x33f56bc...

0
0

120ms
119ms

Fetch
text/css

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc792fb3ca8270cc0000000000000000%22,%222%22:%220xe657f7a5f2954d170000000000000000%22,%223%22:%220x33f56bce77df10380000000000000000%22,%224%22:%220xdfff109d5a79ebc90000000000000000%22,%225%22:%220xd94b17f4d276b4c30000000000000000%22},%22debug_key%22:%221414790328753953439%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225224734907819616657%22}&andc=true

Requested by

Host: www.trade.tf
URL: https://www.trade.tf/

Protocol

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc792fb3ca8270cc0000000000000000","2":"0xe657f7a5f2954d170000000000000000","3":"0x33f56bce77df10380000000000000000","4":"0xdfff109d5a79ebc90000000000000000","5":"0xd94b17f4d276b4c30000000000000000"},"debug_key":"1414790328753953439","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"5224734907819616657"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Jan 2024 21:20:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc792fb3ca8270cc0000000000000000","2":"0xe657f7a5f2954d170000000000000000","3":"0x33f56bce77df10380000000000000000","4":"0xdfff109d5a79ebc90000000000000000","5":"0xd94b17f4d276b4c30000000000000000"},"debug_key":"1414790328753953439","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"22":["true"],"4":["01-19"],"6":["true"]},"priority":"500","source_event_id":"5224734907819616657"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D295
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

80ms
69ms

Document
text/html

2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:25 GMT
expires: Fri, 19 Jan 2024 21:20:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:25 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame F128 50 KB
19 KB 59ms
59ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:11:08 GMT

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8150 50 KB
19 KB 66ms
66ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 15:11:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C274 42 B
64 B 250ms
123ms Fetch
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY0jr4DAeIAi_JArDiBRqxyoIqGZhqfEB7tz0I5RVMzDp-2RjK5v7Ip_5rrIMtDvi-2vCY29Asv5I63tqfCTrXYb0riXeTUJAjnGBH-QbVgy7sm8J94x48Zdn0X-0Bcsx0urk7blIiyHRtUbRP4n8hK2SI&sai=AMfl-YQMM-GaThVEVk1Tfd77xs7SLni9ZgV3IJvJlBoGLlrKx_KXTY8hObjt0KPFOdvSPvWQbX7P-9n-W8SV5Nm5J4uGHNkT81-3Me-XNI9rUQ9DeBjo7GFuHzzVQkDXO7_f0mcQ5E_uhC-_1d1_lnxYUw&sig=Cg0ArKJSzMggX3pKuJp6EAE&cid=CAQSTwAvHhf_d7hftyO_1BdoNLp_jVJ7lADu9jsXPcCteKZ7ad7Fgt2vOPhFjUQVHzMpElTrbMQYyMsm5QKWt1pMQgJBiuhg8NcKGRgG5cqWr-kYAQ&id=lidar2&mcvt=1000&p=0,0,242,940&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=784790761&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705699222846&rpt=1472&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
116ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 21:20:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 121ms
120ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 21:20:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 118ms
117ms Preflight
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 19 Jan 2024 21:20:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
89ms XHR
application/json 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89a0709a2ddf78a2bd34277d6036c6160090df46d2589d4ffd95d682867f450b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12328
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 128ms
127ms Script
text/javascript 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401160101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 Jan 2024 21:20:25 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E426 42 B
64 B 123ms
120ms Fetch
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhZ2AOigEks7H4OzHeBR0WVEIY-_l5JoOZqFIgHDFVvw82EU-3jf08Q3CNWXF0EWWjbGTI5qLJ6tGf6Zyu7mVfSZ6BnadSAR2uVbtoCIRciNGi--7vlv6UgMguq0EmqJ8jVJQjqPAO4AdbQAQBFhosOMqo&sai=AMfl-YTRO_IKiIHVRpVAdpkwl8qOmuW8FrpUulDVzFaC7tS4iNa8gCblWN6cSNP_z7YJ6m_cf_JiwhrRBUs4O-DmpiqYTejH1_TM6cDtGJy3FM8ATU5Oh5oWwoOxgXPxtVvIRjW7ANpVRtPgsrFUfoxa&sig=Cg0ArKJSzNyBKjUNohEREAE&cid=CAQSTgAvHhf__Bg-FN5f95beVqzypQZOran8aRViasek9jIMsFmyK3RwKuEYYBBHemyP2ZFuncD7IdIKom5wxem8v-ed5rqDdxHGmxtHLGRB2xgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705699224265&rpt=412&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9168 13 KB
5 KB 79ms
74ms Document
text/html 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 68689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 02:15:37 GMT
expires: Sat, 18 Jan 2025 02:15:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3340 829 B
559 B 88ms
86ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bbc0f95cf9364864f1a9dc9bf6bfb4958e90422f66ce3d13884632375337200

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yarMEmOuSI9_rMIqRcSZUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.trade.tf/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yarMEmOuSI9_rMIqRcSZUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 21:20:26 GMT
expires: Fri, 19 Jan 2024 21:20:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E4BD 42 B
64 B 151ms
139ms Fetch
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukL5OrSQpjXD1JK6m7P-ZZjfL7TEyyAd3uCJd_teicLL7rCr0levGgt-uH6VdWHnqY3W5hRA5RsrTr_h9Qg6E6Hh7kre3GCLTE76Drtt8mpVFPF-aAKHeAKbMh8yAh_yW8d8Nt4xTO28FdOvDusu2tbh8a&sai=AMfl-YSh4z2Lv7WCMGc8pQ3qg0MMqM2mtpK7d-1itwlM63vXx4SbDEzsbSZjxPXTk-4uomUkJk3yg72hP-Np3gaTh92BA-gsFL_SbuJIFlw33JM2sNWCT5TnzJYST6Ogp7nK-LZXTZuR823viO5005jI&sig=Cg0ArKJSzJcxi4v0Ao7vEAE&cid=CAQSTgAvHhf__Bg-FN5f95beVqzypQZOran8aRViasek9jIMsFmyK3RwKuEYYBBHemyP2ZFuncD7IdIKom5wxem8v-ed5rqDdxHGmxtHLGRB2xgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=307,1001,1001,1001,1001&tos=307,694,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705699224268&rpt=687&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA5B 42 B
64 B 150ms
138ms Fetch
image/gif 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuGFCXzRlaZegp1twUMHRnRm09u-9W95JfCOL2R6eNb6aCFrAixWcG7HKCuY-TJ3eVEWKluYTfdV5ZHl1xsvFOEUvfSsunIRzW5r-508fSpRxFWBAXUZnsErgCJb1atkcwKM9yKsUujU1kn7u0XqGYEDLYt&sai=AMfl-YTw-vj9V3_TSbRlV3zakmeKyTmQLeA0owcCnjGUoWNWRwempowyz50Jx4kJkYkMQO-7ZubocoBj5Xnd_u5Ig1V1DaINdW3Kj-BCWvGUJIGxnkHdJpy3u0-mAgWcW0l7uvBUxaY8re_pPFoMidtUpA&sig=Cg0ArKJSzHznqxSQDG4zEAE&cid=CAQSTwAvHhf_aqC9k4-4wqiJCTm2_z-xfx5Fy2zjALFKE04OlbelOpOgRTIrlOeSRiSGx_VD7pftpT_b7e0EMMLY-h_rUhAgiG5Mnni7x3v24GwYAQ&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2426417292&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705699222756&rpt=2215&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Jan 2024 21:20:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3340 0
0 135ms
124ms Image
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=1610472755000211&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9168 39 KB
15 KB 81ms
70ms Script
text/javascript 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 18:54:40 GMT

GET
H3 200 189_64.png
www.trade.tf/static/img/440/fx/ 4 KB
4 KB 55ms
52ms Image
image/png 2606:4700:3031::6815:7b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.trade.tf/static/img/440/fx/189_64.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:7b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff9fc1bb47cca0f2b1076a841b142854ce498378a988e8b97f1544bf067049bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4505
alt-svc: h3=":443"; ma=86400
content-length: 3609
last-modified: Sun, 30 Jul 2023 20:16:54 GMT
server: cloudflare
etag: "64c6c536-e19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeQqXV6RDFM8vW5z8QTp0x%2BLeFqEMv%2FR%2FT6MoRJj%2F%2BMAppKQaSHilM3yMmqp7cv1ZBazKYjPkjJl%2Fd8fNXhUpPKrrKd4REMCgGVPkiPGHxYgyC%2F2fxM8R2M%2BOHTxXtgNg7oBUS8pzyXnPPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 84821f244e525c69-MIA
expires: Sun, 18 Feb 2024 20:05:21 GMT

GET
H2 200 hwn2021_twisted_topper.b09260573cb44defd51313cd26807aee5ed18f56.png
steamcdn-a.akamaihd.net/apps/440/icons/ 5 KB
5 KB 88ms
85ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/hwn2021_twisted_topper.b09260573cb44defd51313cd26807aee5ed18f56.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 4a6651968077a38b317393e98f48381f1192be298398185b3ec9d702e04987ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:26 GMT
last-modified: Tue, 05 Oct 2021 21:29:30 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "615cc3ba-12c2"
content-type: image/png
cache-control: public, max-age=314038012
accept-ranges: bytes
content-length: 4802
expires: Sun, 01 Jan 2034 14:07:18 GMT

GET
H2 200 pile_of_junk3.6f7e42fae0507065287c7b5c51aa05c2420161ba.png
steamcdn-a.akamaihd.net/apps/440/icons/ 10 KB
10 KB 87ms
85ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/pile_of_junk3.6f7e42fae0507065287c7b5c51aa05c2420161ba.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c27f15b93735a79566c424c2fc8d881c2b88e9df031621d8dc791f6f8701ef6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:26 GMT
last-modified: Fri, 20 Oct 2017 21:19:02 GMT
server: nginx
etag: "59ea6846-26b0"
content-type: image/png
cache-control: public, max-age=315078803
accept-ranges: bytes
content-length: 9904
expires: Fri, 13 Jan 2034 15:13:49 GMT

GET
H2 200 key.be0a5e2cda3a039132c35b67319829d785e50352.png
steamcdn-a.akamaihd.net/apps/440/icons/ 6 KB
6 KB 88ms
86ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/key.be0a5e2cda3a039132c35b67319829d785e50352.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ca7f8c61cf9109d6421ac472d3d16cc65d0b4f8557062c69cc75f7ec927e7330

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:26 GMT
last-modified: Fri, 20 Oct 2017 21:18:55 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "59ea683f-1625"
content-type: image/png
cache-control: public, max-age=313993577
accept-ranges: bytes
content-length: 5669
expires: Sun, 01 Jan 2034 01:46:43 GMT

GET
H2 200 earbuds.5816fc8fd4e6be4bd274b050fab0526d13bfe7b3.png
steamcdn-a.akamaihd.net/apps/440/icons/ 2 KB
2 KB 88ms
87ms Image
image/png 23.40.179.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/apps/440/icons/earbuds.5816fc8fd4e6be4bd274b050fab0526d13bfe7b3.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.179.161 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-40-179-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15a9c499d86f4844d0e2cd387d3dd88e1c3735c902673f0762beaaf1480c9ddc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:26 GMT
last-modified: Fri, 20 Oct 2017 21:08:50 GMT
server: nginx
etag: "59ea65e2-76a"
content-type: image/png
cache-control: public, max-age=313634299
accept-ranges: bytes
content-length: 1898
expires: Tue, 27 Dec 2033 21:58:45 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9168 0
11 B 65ms
64ms Image
text/plain 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?96NpBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 21:20:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 122ms
122ms Image
text/html 2607:f8b0:4004:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=1610472755000211&bg=!3t2l3ZLNAAa8BdJLnAU7ADQBe5WfOIX2bfgVhuGNPi5Am9hwpcUAqMJO2lnyfAaiJOrA7FLuc_nO5KDIisnRvtJ5bEtCAgAAASBSAAAABGgBBwoAL7jgcQU_aa2Gbk5M5gJs-dL8RKlmnUNNKJRnT8JxuyaMyC60jZMEdk4UpeRzkXrTmQKt1yuraHFVq6PagbYOk1okczHVXKrOAi9AINgg5VdWHCnCBAOUrEYZpREhmZLdDHeRDjxfq-URrMNGpj8g2snIHhfJleAri9nLLsBewbGuXVS1OA18-I-luyF-2AdRgY0pjBvYXq3odwgdnrMbO6QiQgDdUuJe8ANZPp14mGpP9MDVBc1xAIvAkIqxUOZrtuKZo8jMH0tGim28jmfvo_ocECy4YXjXcy4DYHnbxs6NRdH2A4Zkblk3HC9a84LRr2sFdocP2YCNmX_emgD75pc14mIu2f00SjQu7ndrTsKFQcfdilJ0Y78U2EbSYuV3soDX-S_v1KdwCrnlKY4axypcitc264vApPWC4Rz630pX0wSm4iZ42uxQQUmr9gE2YlKNc79RqnrwKU2jjhjVWj_JIeabYiX0SL9pCEWeILFgd3QGXsVwA8IVRf_fl2PuSi1SKlynAX0J92KHToToLA_iy36twi72W84df8_d6TrCI9VSvA-lXFULp1dciNu2sy_vfpSp48_tkiSnAE2GoH1VaZYAkTewalL_7YTT_vGCDptR_51bpCvpzaJNV0GBGyW9WV8HRFESxR9Qc217UZ2xOSjt0KKO6XWIhSsbbllkiuMqVYQ7D8uxuzuuvsdDyhiZtIYTC6e8TBHthfVtufOE5GNgX1qaN5ceo291LGDUbs4AsBPgv4RetzDSQKWuTC_IfKOVRQFSidL-aNhx-eUozrtp_ogQ2GuPDppgOalKchRJMPWDt06m77Rn1rJOuoQJwsPOFTuZBXJYUHR81z8Z9nbb2OMTn3Pma57Ywo4moBNIjAC6GG-mV-_VwVLEGRP8DhA-NfNhqbbAlFEUYteesNt-S8BE50vv5EScaNSbAtaBbk8Nq0fxmMwwO4bpkx_U4dJUgkgvR2fq1e6YNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.trade.tf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.trade.tf/	1970-01-21 03:24:19	Name: _ga Value: GA1.2.141220164.1705699223
.trade.tf/	1970-01-20 17:49:45	Name: _gid Value: GA1.2.1338597320.1705699223
.trade.tf/	1970-01-20 17:48:19	Name: _gat_gtag_UA_113015528_1 Value: 1
.trade.tf/	1970-01-21 03:09:55	Name: __gads Value: ID=9851d9ca7934865b:T=1705699222:RT=1705699222:S=ALNI_MavTm4eLgP6N55mNqjZr0vmt39lpA
.trade.tf/	1970-01-21 03:09:55	Name: __gpi Value: UID=00000db889e974ae:T=1705699222:RT=1705699222:S=ALNI_MbaOyL-EZLL8HdXRtdmQFpOzihLoA
.doubleclick.net/	1970-01-21 03:24:19	Name: IDE Value: AHWqTUk0tvdGgpDLUUb_bzkP_U-uo8jG3WRU6Pz6OcQVXrfNupvsoZ_5L1g9zM9jF9k
.doubleclick.net/	1970-01-20 17:48:22	Name: DSID Value: NO_DATA
.trade.tf/	1970-01-21 03:24:19	Name: _ga_DNWGQF789W Value: GS1.1.1705699222.1.0.1705699224.0.0.0
.googleadservices.com/	1970-01-20 19:57:55	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
stats.g.doubleclick.net
steamcdn-a.akamaihd.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.trade.tf
172.253.122.155
23.40.179.161
2606:4700:3031::6815:7b6
2606:4700::6811:190e
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::9b
2607:f8b0:4004:c0b::9d
2607:f8b0:4004:c17::61
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2001
0aebdf62672da67c3427908d34b03431aa9dcdd125adf3ced02dc693ee6dc89e
10e99aecf6203286f7eced9c2e3f0a0f79515161048acc88703c8a1689b84eca
15a9c499d86f4844d0e2cd387d3dd88e1c3735c902673f0762beaaf1480c9ddc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be67bd50214d64bca913cdb60d892a3fa3878fe096cfb4c542576c672590c44
1cafba9bd21c8f8c31cb6eb55f0c29a6b6afe26272fec3b6ba2e343e95c5d46a
1f8b7b245e7262218d4538b19885a64b081576f07b03ea51bffba8c56df8b460
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20e85cee4c73000e0f9e0e3a78c26545b87cbb9d0a47382427e1070274826540
23d67cf6d8761c0e509eea047f2bab73bc2b2361cbe95a806f0a4e9bb7e93903
2c64ed3a67221afbf3f21495b8b1e55f2315207cbce5ad711b671650d854f4c9
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
303975a8c50f7d21403d170dcbca826784fcd9d8943100a6e23c32bb8963775f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
3a2f2b9547a70ee2dd2a8aa071d62f1e1dc33c042a129dc1c6a5bb05bb6f95d5
3eaa54443a56a1891d735540f7f7b9f901a5b98beec3e2393fa28c3824cbb644
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
4a18fcc906bc39c7a49f4b3e3b4575dbc86817e956716f08cb967c96247f7c31
4a6651968077a38b317393e98f48381f1192be298398185b3ec9d702e04987ad
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e15c385bbc95be117a93a41082312cc2be10812628f4655060f68f2249ee08f
518c6c0658bec1cf1c1ecd52570d2161fde5950954c0bb8a9d18a2df4dc8be4d
52a823d5b5f84e0b155d06eaef9870f69066ea636604e9ac9b5a325290cb6e3e
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5bbc0f95cf9364864f1a9dc9bf6bfb4958e90422f66ce3d13884632375337200
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67cf9d45d8e56e929fca5c04b19d3978aa635ccdd565217f68555092b82b67ad
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7910a51a82fc1e1dd8546981b72cc66ac2755725d8a25d529c23c0b71c5b5169
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7cb917e3a229afc9ff9d7213791f72df91e26b4712a601b0ffe848eb34e9abae
7d89922dac3b2e4a94617d95927549b79c65a12188423b4cbfa4d4729a66838a
7e84408aa66b9c10dd6e2d630f717b4b4f03345cd77fc5360f4ccba99ce1fa74
7ec5f169c1fd3e7e173dd916e16142c95740686e5f1ef4fc27aac740b7526df3
82306dc4e66c96d254282f864ada3466f081b6ea21ef90c83657f4529d806e27
887d1c436fde0c833b411997660080f321868123daa9c5138b4dade31b0cc410
89a0709a2ddf78a2bd34277d6036c6160090df46d2589d4ffd95d682867f450b
8f1d64384d4281692b8288d9c7b12c437c8c68f0ed524cbffa961183af79900b
951aa021e9f474890ed99ac351a517943b153aabe3872d8d80d441ddefff0624
957ba3d011c26237204cc699388f2a515274e031c5bd87f7d302f610d115a74e
9626f37f05e0edd9c5aeb651564ec5661f7ab58ce74f6d4af99fbc69d64cc59a
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97aa2b34732c852c83a87a12c82d2231892fb82470f53271cdd612587b12bb22
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
a179272b1532b5d0ab551004e01d698d9a84a6aa96f8fc7b466fdbb49a94f5a2
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b260d056edb6c39eeeed00ffc7bccded9160bb9c1f03c62d77a99181ae88a08b
b7ebcdfa3017de021ad7fb7198717178c8a79e69b0f38aa2bb455a020e60b41c
c27f15b93735a79566c424c2fc8d881c2b88e9df031621d8dc791f6f8701ef6d
ca16ded22f5c6b2fca8de062fa86b2bb50ba9f37f8d4c4f40adbcecf6b3864ee
ca7f8c61cf9109d6421ac472d3d16cc65d0b4f8557062c69cc75f7ec927e7330
cacb6c284c3f25344eeb2defdde16d679624451996aa3fe8a7adae92dc2d0d7c
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cc055a1edcd53c5bab578c3cdba71ffc3c83bf968552e81e509dbd108973a503
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d888f2002c589f694e31873f974324ddccff9c3acc0dba35792144ce5c5e2965
daf05b85df73e0361ce7c486d0c8e4e9ee2a87135ff13da6ef3183230e89d28a
dc1870914d241976837c4cf1cc02d03d2d809d19b36dfbe4654c2ebba4ea37fb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc55a512d324d3a696078ab55aa6f919f284b15169ca30e74afa80fdf48e419c
ff9fc1bb47cca0f2b1076a841b142854ce498378a988e8b97f1544bf067049bc

www.trade.tf Open in urlscan Pro 2606:4700:3031::6815:7b6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

129 Requests

97 %HTTPS

88 %IPv6

12 Domains

16 Subdomains

17 IPs

1 Countries

1964 kBTransfer

5049 kBSize

9 Cookies

22 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.trade.tf Open in urlscan Pro
2606:4700:3031::6815:7b6 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

97 %
HTTPS

88 %
IPv6

12
Domains

16
Subdomains

17
IPs

1
Countries

1964 kB
Transfer

5049 kB
Size

9
Cookies

129 HTTP transactions
4 data transactions