gamecopyworld.eu Open in urlscan Pro
104.21.16.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2B...
Effective URL:
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Submission Tags: falconsandbox
Submission: On September 30 via api (September 30th 2021, 1:16:28 pm UTC) from US — Scanned from DE

Summary HTTP 92 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 92 HTTP transactions. The main IP is 104.21.16.163, located in and belongs to CLOUDFLARENET, US. The main domain is gamecopyworld.eu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.

This is the only time gamecopyworld.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	172.67.148.24 172.67.148.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	46.166.179.123 46.166.179.123	43350 (NFORCE) (NFORCE)
15	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
17	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
3 4	216.58.212.164 216.58.212.164	15169 (GOOGLE) (GOOGLE)
16	104.21.16.163 104.21.16.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16 26	104.21.28.110 104.21.28.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
92	12

5 172.67.148.24 (United States)

ASN13335 (CLOUDFLARENET, US)

d2.consoletarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.166.179.123 (Netherlands)

ASN43350 (NFORCE, NL)
PTR: ptr11.adreactor.com

adserver.adreactor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.164 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f164.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.21.16.163 (None, )

ASN13335 (CLOUDFLARENET, US)

gamecopyworld.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.21.28.110 (None, ) 16 redirects

ASN13335 (CLOUDFLARENET, US)

s1.filetarget.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	417 KB
26	filetarget.net 16 redirects s1.filetarget.net	110 KB
16	gamecopyworld.eu gamecopyworld.eu	1 MB
15	doubleclick.net googleads.g.doubleclick.net	83 KB
5	google.com 3 redirects adservice.google.com www.google.com	1 KB
5	consoletarget.com d2.consoletarget.com	3 MB
4	googletagservices.com www.googletagservices.com	139 KB
4	cloudflare.com cdnjs.cloudflare.com	15 KB
3	adreactor.com adserver.adreactor.com	8 KB
1	googleadservices.com partner.googleadservices.com	662 B
92	10

	Domain	Requested by
26	s1.filetarget.net	16 redirects gamecopyworld.eu s1.filetarget.net
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	gamecopyworld.eu	d2.consoletarget.com gamecopyworld.eu
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	pagead2.googlesyndication.com	d2.consoletarget.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
5	d2.consoletarget.com	d2.consoletarget.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	cdnjs.cloudflare.com	d2.consoletarget.com gamecopyworld.eu
3	adserver.adreactor.com	d2.consoletarget.com adserver.adreactor.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
92	12

This site contains links to these domains. Also see Links.

Domain
www.gamecopyworld.com
fileforums.com
gametarget.net
consolecopyworld.com
covertarget.com
cdmediaworld.com
lnkworld.com
musictarget.com
a-kabini.samenblog.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-09` - `2022-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
adserver.adreactor.com Gandi Standard SSL CA 2	`2021-04-28` - `2022-04-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 19 frames:

Primary Page: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Frame ID: 4609298C372E7287DDF67340DAA4A083
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html
Frame ID: 9A117D061563F52E01619701979CD3D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120
Frame ID: 533199D96E1CD63BFD27405B602165A3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134
Frame ID: 09010F2FCA89AAAF6B5F4109A553B5E2
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144
Frame ID: E0861913FF89218E53769B7111B31C9E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&adk=1812271804&adf=3025194257&lmt=1633007779&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779312&bpp=1&bdt=224&idt=135&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C468x60&nras=1&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=140
Frame ID: DC3FA003095CB98AC24B45EBE76F90F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FAB63C7D6498535201C9F35F19595F8B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 833EFB7BBF70E1C33BD7D8B0E75D8FEB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: A1A9100C39BFE05F1809EB7E1EDA35C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 58421B7EAFFC4918C4E8F7A5352A41B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: D38924DB90F29D9F27AC26E991B17CF6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: AE1D8555AE28C52306E967D8B6E2CD7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2512092B5FD380859FEDB25530467306
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5AA6178D7D97A656C9171F2CAA5B63E
Requests: 2 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_ff_bt.php
Frame ID: 0ABF6F6705A3DFFE3B32C017726C8D06
Requests: 2 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
Frame ID: E6F1463D3AC2442269E73250DD6574E3
Requests: 2 HTTP requests in this frame

Frame: https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1
Frame ID: 5B470CF068A1CED26E56D47DBEF4CEA8
Requests: 2 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
Frame ID: D9C5C9D31D0D643EB33065BCD75116B1
Requests: 2 HTTP requests in this frame

Frame: https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1
Frame ID: 8E05A879B7704A489C5F4D3A67BCCCCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mars: War Logs - PC Game Trainer Cheat PlayFix No-CD No-DVD | GameCopyWorld

Page URL History Show full URLs

https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8h... Page URL
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

92
Requests

97 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

4757 kB
Transfer

5897 kB
Size

7
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gamecopyworld.com/
Title: Switch > GCW.com

Search URL Search Domain Scan URL

URL: https://fileforums.com/
Title: FileForums

Search URL Search Domain Scan URL

URL: https://fileforums.com/forumdisplay.php?f=38
Title: Backup FAQ

Search URL Search Domain Scan URL

URL: https://gametarget.net/
Title: GameTarget

Search URL Search Domain Scan URL

URL: https://consolecopyworld.com/
Title: Console CopyWorld

Search URL Search Domain Scan URL

URL: https://covertarget.com/
Title: Cover Target

Search URL Search Domain Scan URL

URL: https://cdmediaworld.com/
Title: CD Media World

Search URL Search Domain Scan URL

URL: https://lnkworld.com/
Title: LinkWorld

Search URL Search Domain Scan URL

URL: https://musictarget.com/
Title: Music Target

Search URL Search Domain Scan URL

URL: https://covertarget.com/sr.php?cat=4&search=Mars:%20War%20Logs
Title: Cover Target

Search URL Search Domain Scan URL

URL: http://fileforums.com/search.php?s=&do=process&query=Mars:%20War%20Logs
Title: Mars: War Logs

Search URL Search Domain Scan URL

URL: https://fileforums.com/showthread.php?t=73906#CrackProblems_CrackContainsMalware
Title: PC Games FAQ

Search URL Search Domain Scan URL

URL: http://a-kabini.samenblog.com/
Title: Site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D Page URL
https://gamecopyworld.eu/games/pc_mars_war_logs.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 49

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 83

https://s1.filetarget.net/!_bt.php?sz=bn&sn=gcweu&bg=gcw_hdr&do=1&ns=0&nf= HTTP 302
https://s1.filetarget.net/@_ff_bt.php

Request Chain 84

https://s1.filetarget.net/!_top.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
https://s1.filetarget.net/!_bn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&kw= HTTP 302
https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0

Request Chain 85

https://s1.filetarget.net/!_sk.php?sz=sk&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
https://s1.filetarget.net/!_geo.php?sz=sk&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0&sk= HTTP 302
https://s1.filetarget.net/!_sk.php?sz=sk&sn=gcweu&bg=gcw&ng=1&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id= HTTP 302
https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1

Request Chain 86

https://s1.filetarget.net/!_bs.php?sz=bs&bl=1&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
https://s1.filetarget.net/@_az.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0 HTTP 302
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=&nf=1 HTTP 302
https://s1.filetarget.net/!_games.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1 HTTP 302
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id= HTTP 302
https://s1.filetarget.net/!_geo.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0&sk= HTTP 302
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=1&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id= HTTP 302
https://s1.filetarget.net/@_az.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0 HTTP 302
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=&nf=1 HTTP 302
https://s1.filetarget.net/@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1

Request Chain 87

https://s1.filetarget.net/!_btm.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf= HTTP 302
https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1

92 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
d2.consoletarget.com/ 8 KB
3 KB 203ms
147ms Document
text/html 172.67.148.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74e66dd032ef31ab9ff62cf1eccb28e325483454b2794f2bfba58c18b514d457

Request headers

:method: GET
:authority: d2.consoletarget.com
:scheme: https
:path: /?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=r1jjk9sute01pqfl7bonq3i9j7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9sX1vK1pouTvjk%2F4T0cKgk1tQoI9duf%2F8z22vOrzxR2LAJyZQIKm9A7h%2Bc3h9ScijTeRR1YBvgdEM8SWrzs%2FZfB4rJkxWFHv6JgZTnw6J%2FPz2XhuBp4fYBACPgxF0Ws%2BiAtw0xC0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db99a6f694119-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 site.css
d2.consoletarget.com/ 3 KB
903 B 110ms
109ms Stylesheet
text/css 172.67.148.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.consoletarget.com/site.css?7540
Requested by: Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 060c126a38460626d946329d21b142e8549a27661bd40dbb5b61dd015b5bc44c

Request headers

:path: /site.css?7540
pragma: no-cache
cookie: PHPSESSID=r1jjk9sute01pqfl7bonq3i9j7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: d2.consoletarget.com
referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 May 2018 08:15:24 GMT
server: cloudflare
etag: W/"af1-56d177c825814-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=237Q4gDCtSWictKIz8vpHR23pEsgbWsqY4djXg2c9%2B%2F5W3FGvIb9fYVoKGh%2BCXR96%2B2nApv7NOjqe%2BM6gdrwLmejK2kisokloIihKOCeDeYlQHpvJVkmL3Yi73AeRESMp8IWopDQTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696db99b785f4119-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 07 Oct 2021 13:16:19 GMT

GET
H2 200 jquery.min.js Show response
d2.consoletarget.com/js/ 94 KB
34 KB 25ms
24ms Script
application/javascript 172.67.148.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.consoletarget.com/js/jquery.min.js
Requested by: Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.148.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=r1jjk9sute01pqfl7bonq3i9j7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d2.consoletarget.com
referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 443181
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 03 Oct 2015 22:24:22 GMT
server: cloudflare
etag: W/"176bb-5213abdf01180-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaQ2KVBX2sY6teuhr%2B8vcq2zxkNBO6GrWys6jz7Wp3sHHJuNyVjn%2BWmizNYPvS3rmZ2dh5%2FpbjacaE8%2Bri8mmomcWJj6c%2Bi0bo2kfnmIIf15ylMTIjxo%2BQz6lCKvdyz5FkyUqvjjRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 696db99b78604119-PRG
expires: Sat, 02 Oct 2021 10:09:58 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 32ms
16ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 581381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 948
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lofdyA11579f6Udlqb2PgerU9Wa83RFBPyJ17vUpGsm%2F98hJYd0fuW2Y38T09WsDf2xZjOaT0wb2oQjBDbPYv2rU%2F0WcLofAnm477dYx4eUlXVDrngybAHtekopuEYg3VLKCyUsJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696db99b8ecd05e9-FRA
expires: Tue, 20 Sep 2022 13:16:19 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 37ms
21ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 64931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmokXs6WgClk1v0VHHsKEZXKqZ65Y%2BRiMkl4PE15EZxke1ktkSR32CMLbbrCSAbO0JzZlhtHouzhmiMdYzfulzgnDp%2B4wUJYpB4sUKUiFf%2BOIx6A74%2FY8LUjpRZQFcR5G3ogwwx3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696db99b8ed105e9-FRA
expires: Tue, 20 Sep 2022 13:16:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 79ms
34ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2849484c9ed181b9f9aff94fa6058937af8d8bfc8765b7e66560ab96597bc5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50865
x-xss-protection: 0
server: cafe
etag: 5898714419085221055
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 13:16:19 GMT

GET
H/1.1 200
OK libcode3.js Show response
adserver.adreactor.com/js/ 25 KB
8 KB 70ms
16ms Script
text/javascript 46.166.179.123
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adreactor.com/js/libcode3.js
Requested by: Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 46.166.179.123 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: ptr11.adreactor.com
Software: nginx /
Resource Hash: ccca0dba2f0d3225f8c05ff7e36c3897965d5a37f1d41318d99075c92f368383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 13:16:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 14:52:02 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 01 Oct 2021 13:16:18 GMT

GET
H3 200 p1.js Show response
d2.consoletarget.com/js/ 34 KB
19 KB 25ms
25ms Script
application/javascript 172.67.148.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.consoletarget.com/js/p1.js
Requested by: Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfee47b19d95211872f1a4e09adf5a485f90bbca674bd8afeb4c208152940a1f

Request headers

:path: /js/p1.js
pragma: no-cache
cookie: PHPSESSID=r1jjk9sute01pqfl7bonq3i9j7
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: d2.consoletarget.com
referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18493
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 17 Dec 2019 20:11:35 GMT
server: cloudflare
etag: W/"88d9-599ebef514bc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOLsZ7x%2F5%2B0w31JX5ua5SeOvJdVGzorBX2vOQmko%2F9QCpYiWAz3bsMSnXgLiVEtzsu2l0nj1RzhpjWzoc%2FSzCKGP1JfzYvO8Dj61Ssb%2BNXoKp6%2FIZdZRY%2FKduFSGGoR5oip5C1z7VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 696db99c6e8cf9ce-PRG
expires: Thu, 07 Oct 2021 08:08:06 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 257 KB
95 KB 47ms
32ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3523f4564607513e81b5fd0c6612a4e7dd94cce6830b24843bcb79b277d253ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97121
x-xss-protection: 0
server: cafe
etag: 1204139040078545873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 13:16:19 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/ Frame 9A11 10 KB
5 KB 30ms
7ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210927/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 29 Sep 2021 23:50:07 GMT
expires: Wed, 13 Oct 2021 23:50:07 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 48372
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 206 e1194_1.mp4
d2.consoletarget.com/i/tc/pm/ 3 MB
3 MB 123ms
122ms Media
video/mp4 172.67.148.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.consoletarget.com/i/tc/pm/e1194_1.mp4
Requested by: Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.148.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e94ae45a0fa8efe4ce0e945476a0911223c376d360b3f5a7ee96b244c711a1

Request headers

sec-fetch-mode: cors
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-fetch-dest: video
cookie: PHPSESSID=r1jjk9sute01pqfl7bonq3i9j7
:path: /i/tc/pm/e1194_1.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: d2.consoletarget.com
referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-2735059/2735060
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 2735060
last-modified: Tue, 09 Jul 2019 14:00:15 GMT
server: cloudflare
etag: "29bbd4-58d3ffae52bfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x16LxyfFN920alMGZYZk2etLzTmHXVqEa%2FDKu9X7Grl%2FxbUrhQAOxMCw9jWsNjXpUEvCI4HGlj0Dx5pMQCg3PWrowdfEg9QbsyKvU3N7S5RMMl3oONCqkOtAI4qjEH8iH5zQBrtJNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 696db99d0eeef9ce-PRG
expires: Thu, 30 Sep 2021 13:16:19 GMT

GET
H/1.1 200
OK 1633007779377 Show response
adserver.adreactor.com/servlet/tagger/36148723/ 67 B
580 B 14ms
14ms Script
text/javascript 46.166.179.123
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adreactor.com/servlet/tagger/36148723/1633007779377
Requested by: Host: adserver.adreactor.com
URL: https://adserver.adreactor.com/js/libcode3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 46.166.179.123 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: ptr11.adreactor.com
Software: nginx /
Resource Hash: a8976959ee6a37392fa435cfabf7935aeabf34f509fbb6e46a931b448402717d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 13:16:18 GMT
Content-Encoding: gzip
Server: nginx
X-Robots-Tag: none
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 207 B
662 B 64ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=d2.consoletarget.com&callback=_gfp_s_&client=ca-pub-9116440445344191

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d7f53fe655005e5c76409d0d5cbde112b974bf6fd18b38c958c6da337ddac66a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 44ms
16ms Script
application/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=d2.consoletarget.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5331 73 KB
26 KB 517ms
492ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

4ce1b0024647ba71e155c85282b66ce435de0be7fa1e04aaaa7371adc8642afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Sep 2021 13:16:19 GMT
server: cafe
content-length: 26520
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 13:31:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 98ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27596
x-xss-protection: 0
server: sffe
etag: "1632742284803949"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 13:16:19 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0901 69 KB
25 KB 648ms
640ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8aecdbe2b9eb48816533c004a9d5052250a3f74193b9ade1a36a73b66a7353af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Sep 2021 13:16:20 GMT
server: cafe
content-length: 25800
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 13:31:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:20 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E086 70 KB
26 KB 326ms
326ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

2e1dda8f4d03002070076628c25fcfc80c63797c31b3deade9c0f12437928bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Sep 2021 13:16:19 GMT
server: cafe
content-length: 26540
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 13:31:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:19 GMT
cache-control: private

GET
H/1.1 401
Unauthorized zone
adserver.adreactor.com/servlet/view/window/javascript/ajax/ 0
0 17ms
17ms Script
text/html 46.166.179.123
NFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adreactor.com/servlet/view/window/javascript/ajax/zone?zid=23&pid=8845&uuid=587bb5b959156b9d9f0fe117cd657711&sver=1&pvid=21377460&resolution=1600x1200&random=26116500&millis=1633007779445&referrer=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D
Requested by: Host: adserver.adreactor.com
URL: https://adserver.adreactor.com/js/libcode3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 46.166.179.123 , Netherlands, ASN43350 (NFORCE, NL),
Reverse DNS: ptr11.adreactor.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DC3F 0
19 B 26ms
26ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&adk=1812271804&adf=3025194257&lmt=1633007779&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779312&bpp=1&bdt=224&idt=135&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C468x60&nras=1&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=140

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9116440445344191&output=html&adk=1812271804&adf=3025194257&lmt=1633007779&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779312&bpp=1&bdt=224&idt=135&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C468x60&nras=1&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=140
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:19 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 13:31:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:19 GMT
cache-control: private

GET
H2 200 8829237115888677076
tpc.googlesyndication.com/simgad/ Frame E086 26 KB
27 KB 73ms
18ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8829237115888677076?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlkbuToW_7pdAJbe_bT2DHrvBENWg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

836864ca0c14dbea8cc6f12c18e99b4cca062d26c5a1873fc83c239a153bf693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 15:39:09 GMT
x-content-type-options: nosniff
age: 509830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26837
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 18:31:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Sep 2022 15:39:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame E086 18 KB
8 KB 62ms
7ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:08:13 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame E086 3 KB
1 KB 61ms
12ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:10:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E086 122 KB
37 KB 56ms
32ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 13:16:19 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame E086 14 KB
6 KB 58ms
9ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:13:46 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame E086 27 KB
11 KB 65ms
16ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E086 0
0 29ms
29ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxcqKo7hVYbbVHIbK3gP9mKXIB6uP_rVl8Ln0t5QO2tkeEAEg9YWtCGDJBqABop6apwHIAQKoAwHIA8kEqgS-A0_QCXHUONsdd1qfquEF8wlizKr-2T8yW3gabVILALS4xxOxJEEet_P641SlnT3YDsqeu0BCLYhzqtEP78BKZAIyXaX2R62CigZwVRXJxsdko7k-vFK060Te0uKad8gDryQfqwRxR1TNQZ4_lfJniTL4UbmtnqR2Ir7I_2-2j5xIStIBQoO7rAcwEaFo6Rd32mVAYHkbQdmVGCMHyWTDCo-J6Kj7OARHHRPPELm-BOAaI8VLS_IlZ2xN9SLD7XVdAfaxBGh3QzTLs7gLrIZ5TG47kg2AB5bKzGHfByyH-ajWzXF8jmlZUtZDwotTzl53_ihJ6v6wccHvb-oh1ZaDUtKYXujZtiiuJfLVQFAsrnqrCqiPJxO3wPb9ALsFxpQAngRpSZjV1dw1hhglQ2kRCTFQkoyUuwNTB-_Mwi_bKxxFqm6asPnFhRXCbg4pCR7w19AIfxZ3qf9cVuBmSfW5PF3I_t-cn_vzdlQzaubf-6zCGwVM54AMRWC0QZMxBz6vzBLY5uWJQWAOVIji8igth9_H8fJyX1z-4WaHD4OZgT2s6O6Xc0dqmdFS7lPo6nZsywh_FvIDyM8zsZj0csokwASE24WY5wOgBgKAB8bh5dgCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDGxgXSCAcIgGEQARgfgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTkxMTY0NDA0NDUzNDQxOTEYAA&sigh=UFdJDAby-fE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Sep 2021 13:16:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Sep 2021 13:16:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAB6 143 B
163 B 17ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Sep 2021 12:34:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E086 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 343d41b6534ec3dc054e614fba31ae351badf3ac51d7bb9e968476c330774fd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2827137545040523644
tpc.googlesyndication.com/daca_images/simgad/ Frame 5331 37 KB
37 KB 32ms
15ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2827137545040523644

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

b0d991e37586d562816f1943c3fa080f5ecf1c2b5dbdd30a6f5f92abaa42c179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 06:43:49 GMT
x-content-type-options: nosniff
age: 23551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 05:12:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 06:43:49 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 5331 18 KB
7 KB 25ms
8ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:08:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 5331 3 KB
1 KB 20ms
7ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:11:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5331 122 KB
37 KB 34ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 13:16:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 5331 14 KB
6 KB 21ms
8ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:13:46 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 5331 27 KB
11 KB 23ms
10ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5331 0
0 34ms
33ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcE0So7hVYfWyHIHS3gPuvbtIydSSiWS0tM7W4w33t77PiAoQASD1ha0IYMkGoAGS2YPpA8gBAqgDAcgDyQSqBLkDT9D8fEhMEOeqaIIiYfiThGyaoujSLftVgTP_rYCJPrDFoXMx8e8ftzqN6zseUn_GKGduuW8CKfYKWnNwz40itSLAqEenMQ4QHFLuoncQs_ZFc6UamnRaza1IS2nIWJ9JXMKHa7dMHQpHz0wmwYtZAK7QKnrXHFMLAJCjBlf07CQJ6TDZhrSUAOdB_oMutVv2KZaodHsbKlhFxQx_40C7511ngd1W6QEGf_xyx7Ec0U_yWIvrTHAMx8nbyGhK2lsvhPkwXxTkmceGeGRitu6XQHixHwxMh9ZMN7aaswX9ylWRKTTApC9BREMfsY4BsT1XP07rM2ovZ0nYCjbJ1b1U4yjTzXgNrMPz2B4BuB2pimyJhp8yy0Bvs_Ejrh59QgLz-cRByIZdZ87TTzk-RyUUNUZ2B02QcGO9fQ82uz24tgAbt64fm42r4l5g9R3mDN4ScSUOFkm2IrUpSYwBETnDJ53W-yNakMjh9J0ZmvUeWhlXb571SNh2kZibhfH1XTFRLj3anizy95RbpIq4aIQsN6QOT6CQOMTlyhiLUKgpILE-Qya6W-vFuvAunZ_Hns38LR5wusqBHa-IwAT6yPL90QOSBQQIBBgBkgUECAUYBKAGAoAHpf6ZA6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQmo4J0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MTE2NDQwNDQ1MzQ0MTkxGAA&sigh=SNUuJ5JcaYA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Sep 2021 13:16:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 980879374693370669
tpc.googlesyndication.com/simgad/ Frame 0901 58 KB
58 KB 9ms
8ms Image
image/png 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/980879374693370669?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm7PkuIDakma9qAzkKHkLJMjs7WHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

e33ad6d83b000dda5c66bd85a500c8d1f7e287b67145e687513d074f590fa231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 16:24:55 GMT
x-content-type-options: nosniff
age: 507085
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59363
x-xss-protection: 0
last-modified: Fri, 24 Sep 2021 07:18:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Sep 2022 16:24:55 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 0901 18 KB
7 KB 7ms
7ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:08:13 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 0901 3 KB
1 KB 10ms
9ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:11:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0901 122 KB
37 KB 32ms
31ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 13:16:20 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 0901 14 KB
6 KB 10ms
9ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:13:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 13:13:46 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 0901 27 KB
11 KB 10ms
10ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1669
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0901 0
0 29ms
29ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CreLUo7hVYcXOHcLf3wOIy4TwAeaL0LllndL_gLgOyo7F-o4OEAEg9YWtCGDJBqAB0Ki7ugLIAQKoAwHIA8kEqgSpA0_QbjxboFFWcJ9q0kKj9opPFvEde6ME_6PDTBa6aUJ14KckzbQxJIKFucKX_pWGuYg85yqxREOpumc7MztdF7FzhzodtayTQ8p5g-Skd6cpZG10U_FQ9e09gxRV9Tai3ZJb8nPjB-aJfj_S7dVuUaNl0ehWWIoeh9fMy1XLAnfOEs8Ie3rFqivc6o2-b07l6Jaa9fg5a1qiU4aLZwe0i3CFLy9hYxW5_lDI0_Ij68HaVXVlKIluU9tDKyOn6ZrYl0fANi0S30uTuZw0ptiCE96WpVCqRxMtxEoIZ9AxokXI5--QqI5S-yQyENG2VAzD8uHclvY6CxOr2YMwWOG_vjgXQefDXvrFpriW1OxKoVDZMBCc2v9bW4UpB9jnfJPNd93jgq_K2yhTEyPmtN04SfzNDGcJwl8X8vNXnYZ67yanAeNi3NftfG0Ti4HF3VuKGPIk3JP2-dYl2vuxDQpF16-EzprWBJhpkCisc2gOd4N7-SEK49TcMtWQHftw4Q8RLOSLT_ao5lAE4Wzw76jgKrllSyI-TR1DlHex-AhGZ5QAT-HoY1m65DubwASyneSFgAOSBQQIBBgBkgUECAUYBKAGAoAHvbqLzwGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEELmZKNIIBwiAYRABGB-ACgHICwHYEwvQFQGAFwGyFxwKGggAEhRwdWItOTExNjQ0MDQ0NTM0NDE5MRgA&sigh=jdD5pvwO-bE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Sep 2021 13:16:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 833E 143 B
163 B 17ms
16ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=90&slotname=6663260524&adk=2451648850&adf=207028156&pi=t.ma~as.6663260524&w=728&lmt=1633007779&psa=0&format=728x90&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779292&bpp=4&bdt=204&idt=94&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&correlator=3853090196755&frm=20&pv=2&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=9&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dZHPcua2QY&p=https%3A//d2.consoletarget.com&dtd=120

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Sep 2021 12:34:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FAB6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

53ms
52ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 14:16:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame A1A9 35 KB
13 KB 10ms
9ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 21:51:27 GMT

GET
DATA 200
OK truncated
/ Frame 5331 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c539a5a975d1f85ea0c0d782ed6fbd77da129a531005f5320d067aeedcfc37b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5842 143 B
163 B 23ms
23ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=250&slotname=7302388926&adk=4210093258&adf=3677441513&pi=t.ma~as.7302388926&w=300&lmt=1633007779&psa=0&format=300x250&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779296&bpp=1&bdt=209&idt=126&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=868&ady=104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5czQhonW8b&p=https%3A//d2.consoletarget.com&dtd=134

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Sep 2021 12:34:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0901 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4bcf7ab961863c643d6db0ce720b7cddad6e9135b2b52f4ac6b4879d81b1f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 833E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

50ms
49ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 14:16:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame D389 35 KB
13 KB 7ms
6ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 21:51:27 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5842
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

51ms
51ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:20 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 14:16:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 13:16:20 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 13:16:20 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame AE1D 35 KB
13 KB 7ms
7ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 21:51:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
22ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210927&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

69498b7ca4ec29135401e758efcca85816ce24a5cdfd06fd74f66f8cd69900a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 13:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8508
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E086 0
0 29ms
29ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChTF9o7hVYbbVHIbK3gP9mKXIB6uP_rVl8Ln0t5QO2tkeEAEg9YWtCGDJBqABop6apwHIAQKoAwGqBL4DT9AJcdQ42x13Wp-q4QXzCWLMqv7ZPzJbeBptUgsAtLjHE7EkQR638_rjVKWdPdgOyp67QEItiHOq0Q_vwEpkAjJdpfZHrYKKBnBVFcnGx2SjuT68UrTrRN7S4pp3yAOvJB-rBHFHVM1Bnj-V8meJMvhRua2epHYivsj_b7aPnEhK0gFCg7usBzARoWjpF3faZUBgeRtB2ZUYIwfJZMMKj4noqPs4BEcdE88Qub4E4BojxUtL8iVnbE31IsPtdV0B9rEEaHdDNMuzuAushnlMbjuSDYAHlsrMYd8HLIf5qNbNcXyOaVlS1kPCi1POXnf-KEnq_rBxwe9v6iHVloNS0phe6Nm2KK4l8tVAUCyueqsKqI8nE7fA9v0AuwXGlACeBGlJmNXV3DWGGCVDaREJMVCSjJS7A1MH78zCL9srHEWqbpqw-cWFFcJuDikJHvDX0Ah_Fnep_1xW4GZJ9bk8Xcj-35yf-_N2VDNq5t_7rMIbBUzngAxFYLRBkzEHPq_MEtjm5YlBYA5UiOLyKC2H38fx8nJfXP7hZocPg5mBPazo7pdzR2qZ0VLuU-jqdmzLCH8W8gPIzzOxmPRyyiTABITbhZjnA6AGAoAHxuHl2AKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEMbGBdIIBwiAYRABGB-ACgHICwHYEwPQFQGAFwGyFxwKGggAEhRwdWItOTExNjQ0MDQ0NTM0NDE5MRgA&sigh=uPpU5l38vMA&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9116440445344191&output=html&h=60&slotname=8779122127&adk=4048629624&adf=4055959512&pi=t.ma~as.8779122127&w=468&lmt=1633007779&psa=0&format=468x60&url=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633007779297&bpp=1&bdt=209&idt=140&shv=r20210927&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=3853090196755&frm=20&pv=1&ga_vid=1419076536.1633007779&ga_sid=1633007779&ga_hid=424144027&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=566&ady=411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062369%2C31062943%2C31062944&oid=3&pvsid=2431813192142652&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=A1EI24E3Sj&p=https%3A//d2.consoletarget.com&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Sep 2021 13:16:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E086 42 B
64 B 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnYJQi5uaspMkzvW9pGKllLf3LOAdvkxeOH5o3zpDm4uOuq2YGKvgvROE2iZXskyOpV-R-bXbtcxyrZhQvqH9BkxKwZxtgGiBEBscCDxmtM0M_Wq8&sai=AMfl-YR8iFf8a8p3-_DNmS7sWx6d4FkCUp92Y_lcHRM6UKlplFD51bcahecv18RTCnagvs04jCbFPsZXIU0e&sig=Cg0ArKJSzPr7IMb9LIGTEAE&id=lidar2&mcvt=1015&p=411,566,469,1034&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4048629624&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633007779443&rpt=556

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 13:16:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
23ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js?bust=31062943

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 30 Sep 2021 13:16:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2512 12 KB
5 KB 7ms
7ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 30 Sep 2021 12:47:00 GMT
expires: Fri, 30 Sep 2022 12:47:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A5AA 783 B
533 B 17ms
16ms Document
text/html 216.58.212.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.164 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f164.1e100.net

Software

GSE /

Resource Hash

ce0b184f89d9ddaa98932334dd0b3e8433fd917b568f9272fae2a3459e0bc0c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Z2cg0AMsigLUx+7sLH/TTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 30 Sep 2021 13:16:21 GMT
date: Thu, 30 Sep 2021 13:16:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Z2cg0AMsigLUx+7sLH/TTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A5AA 0
0 45ms
45ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210927&jk=2431813192142652&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2512 35 KB
13 KB 7ms
7ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 21:51:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 21:51:27 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5331 42 B
64 B 17ms
17ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVQ05LQZ1zjBG2od0i2-gjxax8nTUQjlo8VpqiFn423nNlZER4suUMlv7TngKSu7v20DjMneais75w_C2M6_Nf-zt32tOj9ZIbEnYYX4KiA5nE2CU&sai=AMfl-YQK27VYgA5r2i0n7Xc-EgA-fkXjWtDPMCIh2RqQbg9OqCnz-IB0iY_4JcvZWgcZcCJLa7HquUwRnzK-&sig=Cg0ArKJSzHtosD9lzukaEAE&id=lidar2&mcvt=1029&p=9,438,99,1166&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2451648850&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633007779414&rpt=866

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 13:16:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0901 42 B
64 B 17ms
16ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrY0xa-6VX14J1wYSkphKAFeyovjrEd5eyBEHg8NxHbpJPjxwKk-6nEoCNMhLpoT4aVRpeDVbqvoaIALEi4vgw4uhdQKF-Wh6HuUJZJWrDi81orv8&sai=AMfl-YTAAorvbiBOAcsWIlTm0Yvgup0YvJTS1UU9CgmbBlyxsaYLMDr6MsZdP6tsp03B2CrqUbUQtAxlz0l5&sig=Cg0ArKJSzMZ2G7mNBwk7EAE&id=lidar2&mcvt=1021&p=104,868,354,1168&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4210093258&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633007779431&rpt=955

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 13:16:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 33ms
33ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210927&jk=2431813192142652&bg=!q6ilqOzNAAZNQyuQTUM7ACkAdvg8WqkoZHSFMwND8PwiiOKz4ZY5pr2ZaAIJZqg5qdi5A4M4YFZwUgIAAAHGUgAAAB5oAQcKAELcVbQ4YqaH5CpCHl9tK_F-3PbaHRYH7dDVo_Z3ywv41JnWNir6yEDPS-odjMm1athvHccrUl_2mviicvsiBme0cc-ZAsExhr3gc2KO9kaZdIMA1WHmol1I0YWljrcjsLQOZrGCH1MdyyKcAdOna517aAMieFfLJA8rNyW43VkcEzEmsJgWaL6dSV9nm63Otj9MrH_uOiCGgaBQg_kyFV3JxzsNhKN_ve7u0X6A_5Ej5y7tNxqgQ0K-XkWdNollJMlm8PNFBZmyE_QtoQB5p_lQXj_KzTvJyvkN8EhplykGucd3iSHrwXUGl9zSWTW3YtXsVA6Zk67ZNH-vmhlMMLLarL1SP0SI_KnDoWdYmXYNF22REU8PIz706801uB1hJU16VofoireGdYq0AIeQYp1wktz55WK8A8KeHO581DtHaGsPJpxI0Ka58vo9M-e9Yn3hX9KVwm3U4NQDMp_4fvmRVHP53XS3OoYAbRVlxFnRnzRh6kXc08XeeXlZgOup8p55kU3ktB1_Js4TZWFmCtTNSHliKSGvA8-DP72PWMHuwuKitPClxSb6SyWb59qtg3Y5jmDpTYVcbfoTlS3yX-oejr_ULO6S8qDiu--2olE3f0Mlh15kXKuiVi8sl5n1ltRB3ykVbs7zTaXPrJb-_F8B1C3Kfqw-dSeOqYtLfULOOPS2S83c3xprIx1-yNU2N5IRgl_ppbYMySxemPKku52QGe9Zsoys-DXnynQsBoW__YeEXsDOz9ShfZaptSccPZ6PQQaSYTxk0wsQi-2TbTEDyYWka9ijPFaA2QPC00fuPiyplIJjLlWD_OJ68fsvENWBfbuV9_Uk81w7UMGZ6RDAD5YOxSYqWiQky95LrvQ04C4lmUglG95cm5AADv1_XqwTxXBY1vfGE7rLLQ6B-j38SBc03dTOHOdw_ampmjtzLwhQ2GjErwoZFRiaGV6aaPHryT17uHDcKibri6ViFYE-NKUpmUWFnUmHhn64ETwYnCp4PkIl3KRaBzRjL52a1hqSd3OYf_8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 Primary Request pc_mars_war_logs.shtml Show response
gamecopyworld.eu/games/ 34 KB
7 KB 88ms
44ms Document
text/html 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Requested by: Host: d2.consoletarget.com
URL: https://d2.consoletarget.com/?y=cdd07634&x=ktVrDlr%2BQZgiyDAa2CWtTJWZR7mJ%2Fya98O5DH%2BZrC1kk7R5dxzj%2F8hZb1J%2BUQ9K7ZKFIj%2BsfcAkMaUlwAKBB9TrU4pu%2F8UWsqpM9wqUeaXE%2F%2BJX0heuxH%2BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%2FWf26wlX1R1bkQHb4%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e29ced21064904106c1f061d0668842e8da5d0484f11dabf5e29200e0f3dedd

Request headers

:method: GET
:authority: gamecopyworld.eu
:scheme: https
:path: /games/pc_mars_war_logs.shtml
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://d2.consoletarget.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2.consoletarget.com/

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: max-age=0, private, no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma6TD3lbB352Asp%2B5pT3CzdX3DXOWndV%2BFYryaXhdx5VFuV5rB6DO1I9RA1IuZKhPVse8axug%2BFlWJTt99Pu0K7T64YiTOAdnjvA4Jjh0GQNhVW0i%2F8tH7UghpkbZX69ivrL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c6fa8b6928-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 5331 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0901 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E086 0
0

GET
H3 200 colorbox.css
gamecopyworld.eu/games/cb/ 4 KB
2 KB 54ms
37ms Stylesheet
text/css 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/games/cb/colorbox.css
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b9bccdbe5e54a43b311d387bcd57a43b5063c962af7ba60bef421aa61a6e491

Request headers

:path: /games/cb/colorbox.css
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 209285
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Dec 2014 21:50:46 GMT
server: cloudflare
etag: W/"f3f-50afd48af3980-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA3e1dIIHft8%2BNLpBXiQebmx8ezZ0T2dUGkNBMLgIBmQ9SILb%2FbaIy3lWP1VAxoJE2vaJe9vEE8HPyOMJwSQdxmd2spasXtDd2VchQ8lmnT4nni2HedU1rcjQW5YEst0B%2Fnx"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 696db9c7dc766903-FRA
expires: Tue, 05 Oct 2021 03:08:21 GMT

GET
H3 200 jquery.min.js Show response
gamecopyworld.eu/js/ 94 KB
34 KB 39ms
23ms Script
application/javascript 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/js/jquery.min.js
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

:path: /js/jquery.min.js
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333126
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Sep 2021 07:09:53 GMT
server: cloudflare
etag: W/"176bb-5cc17805724e5-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6y3fjoaYPTFu6izC4ZI%2BOMeJUyPqaQ78Hg%2BRjKEiPR5qHCDXsW7vpXaKbjau3KO1qrVCgtxfz0RNT6jDOv6E4KyVjXibaNUsqZqzVHuumRPDorVcDynobW1wO6q73pDRyjQi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 696db9c7dc756903-FRA
expires: Sun, 03 Oct 2021 16:44:20 GMT

GET
H3 200 jquery.colorbox-min.js Show response
gamecopyworld.eu/games/cb/ 11 KB
5 KB 46ms
30ms Script
application/javascript 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/games/cb/jquery.colorbox-min.js
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa2ec1d872cdd22f2ca6aedea7b686c7eda3867f5d28c1321891a775edb7ad8

Request headers

:path: /games/cb/jquery.colorbox-min.js
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 538819
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Dec 2014 21:50:47 GMT
server: cloudflare
etag: W/"2de3-50afd48be7bc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMVLMxwPGZm251FQNcDDUJWuybumtcv0MH2I4n%2FwnY%2FJHVKmh4N2B%2FvbQzC7mW%2FYESjwaKhHySLy%2F%2FX4S6sE%2FUk7kQD7NK7P6WBO6Nd6M20SCrbf7FRpsjrNK3016IlNg0nb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 696db9c7dc706903-FRA
expires: Fri, 01 Oct 2021 07:36:07 GMT

GET
H3 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 25ms
14ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 581388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 948
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeC8YqmYdmGQql%2BzSQi0%2BzJzmQB%2FGWCs5VcC9rpa%2B6upi82bGEP1bWVmNlDBg351zPvDn8C5J%2BPnDv75%2BQvQO4ZqQ1s1zblLLVWV6FXb%2Bqj9YjHvRJ1eWEnspMhDeKKB%2FPtByAgR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696db9c7c9be692b-FRA
expires: Tue, 20 Sep 2022 13:16:26 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 27ms
17ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 64938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RKP54%2BsjLQPCA2OkU2wl5djHNHA1l1vp%2BfDCwSCw5SkhAnciQsa6PCgYmsGUNiw%2Fcw0yXdJKoFXEcHorBJ70TjezdMolvbGrA3B2bzte7zubF8UZYghsnfYxcHM3fBDXzrQNhx1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696db9c7c9ba692b-FRA
expires: Tue, 20 Sep 2022 13:16:26 GMT

GET
H3 200 gcw.css
gamecopyworld.eu/games/ 7 KB
2 KB 62ms
47ms Stylesheet
text/css 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/games/gcw.css?r=71434
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 660fde42e9d1de3cb20426daad1a75af8462fb17a9fe295ca61020350c68e5b9

Request headers

:path: /games/gcw.css?r=71434
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Jul 2020 08:57:26 GMT
server: cloudflare
etag: W/"1b6e-5aa62ff189adf-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8m6MPo9gZIQiesgU%2BuoZJ3IqDr55iptSBv4GWmVA%2FqErSKLNM1eczyycX2Pu%2BlhXYBrHdZ%2F0xIRoFpwgzlGogk%2Fxjf0eQ1gl2LErfkMVKod7Wbk%2BfsZj%2F8jln271o%2BY1GT8q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696db9c7cc6e6903-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 07 Oct 2021 13:16:26 GMT

GET
H3 200 h1.gif
gamecopyworld.eu/games/ 42 B
651 B 20ms
19ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/h1.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /games/h1.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 540607
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42
last-modified: Wed, 07 Oct 1998 21:02:18 GMT
server: cloudflare
etag: "2a-339a24b1fea80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnFHLZJEZwTvYyJqbEFeyO5ssMGVylCpxx5AZ2J4PgD6ufrt%2Bgjq1Gx5lDvla0P2Dlp4eUmh6B%2BF3hLQWi7aZLY7SfHDZvWxno69IZ8UTNmOvEo1rut8y911De1eoHgS0MzB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c80d146903-FRA
expires: Fri, 01 Oct 2021 07:06:19 GMT

GET
H3 200 is_lb_harley_1.jpg
gamecopyworld.eu/ddd/ii/tc/ 88 KB
89 KB 15ms
14ms Image
image/jpeg 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/ddd/ii/tc/is_lb_harley_1.jpg
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17acbfa149f7a2c600a5e6aba0ce4d505d84368216f12aee7fecdd53a4f24daf

Request headers

:path: /ddd/ii/tc/is_lb_harley_1.jpg
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 886586
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 90247
last-modified: Thu, 03 Oct 2019 16:35:37 GMT
server: cloudflare
etag: "16087-594042cdeff53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK1gACvWE%2BMyGNi4Xnk1kZVOFKV9o0MRJbDr0PewuLjGBpRG%2BYsWYtU9k%2FKvdhyZURHUbwGnqG3xe9osUIruxsNxHHfwcQHwkbZkOYOeXJHFfuyluRjL5IFdsop4QuntmmxE"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 696db9c81d3a6903-FRA
expires: Wed, 20 Oct 2021 07:00:00 GMT

GET
H3 200 email.gif
gamecopyworld.eu/games/images/ 16 KB
16 KB 22ms
21ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/email.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 342eb91d51c7a9e6f87b1b8b9090b371fcd6940d6e976dc69060f01d95361681

Request headers

:path: /games/images/email.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 209285
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15989
last-modified: Sun, 19 Jul 1998 08:15:50 GMT
server: cloudflare
etag: "3e75-3334e42b8b980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF7wGw%2BVQLVL7pYm860mN0U32ksyGH26lG9Ui6%2Fj4jmthrETlh1YtCISdQKu2I%2Bf0HWdBkhVK0uyUDtjQi9UAjxXswF6%2FiYnFCtrWww3dG2krw5sRJonKy%2FJpYuEQQA0CVgu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d3d6903-FRA
expires: Tue, 05 Oct 2021 03:08:21 GMT

GET
H3 200 gcw_logo.gif
gamecopyworld.eu/games/images/ 8 KB
8 KB 22ms
21ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/gcw_logo.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a99c050ba983fd07957578bdea213d67453f6d724a40914a2f29ea03aac49c0

Request headers

:path: /games/images/gcw_logo.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 538809
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7794
last-modified: Wed, 17 Dec 2014 16:27:43 GMT
server: cloudflare
etag: "1e72-50a6bf47a7dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6gu7gZ%2Fe%2B1OgDifHv5J%2FL3QEVlwQbXH9vQBYUPScBEf1DQF63HXb62Ni9QpR6U9PeNxYz0e22ScZkg2yIlUzJEeKAQ1ftWqBpoEtZjULyMQsAXSyDPYPo5nf6jo0%2F0e7BL5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d3f6903-FRA
expires: Fri, 01 Oct 2021 07:36:17 GMT

GET
H3 200 h1.gif
gamecopyworld.eu/games/images/ 42 B
657 B 23ms
22ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/h1.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

:path: /games/images/h1.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 538810
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42
last-modified: Wed, 07 Oct 1998 21:02:18 GMT
server: cloudflare
etag: "2a-339a24b1fea80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1f6XDtwKIsVGCP9WORZ%2BkzVqr3Ud5CnXVEO6ULIatCsMb3NjnhIXUG9bDFkTdyXdo4CNZa%2FTmf4gwC4OrTMAMhYfRDOkX12%2BWEJ121O7drGMXW67zPQngt%2F%2B2Aa3fU5wQo2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d406903-FRA
expires: Fri, 01 Oct 2021 07:36:16 GMT

GET
H3 200 linkworld.gif
gamecopyworld.eu/games/images/ 2 KB
3 KB 24ms
23ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/linkworld.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95af585291f2fb21865cb55c59d9c8fcf9c7a5bef0f525033a15a22f846454a2

Request headers

:path: /games/images/linkworld.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527992
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2178
last-modified: Sun, 26 Dec 1999 13:43:02 GMT
server: cloudflare
etag: "882-35c9407912580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32Stz2BciS7021gLjTLYdoFmEkOiYvoUELoTdDgrdzol7N0BQfTlqi8%2Fwd3xQYYlZt9LrGI9b7JHpYF0F0ZsaSjeZ9TJmscMyFsI9ioPeVHMiAQM1jHm4x%2Bk4xfrM%2B6CIK01"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d446903-FRA
expires: Fri, 01 Oct 2021 10:36:34 GMT

GET
H3 200 pc_mars_war_logs.jpg
gamecopyworld.eu/games/images/ 22 KB
23 KB 57ms
55ms Image
image/jpeg 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/pc_mars_war_logs.jpg
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cd4f9a5632b15e92a7340e3ad8f329ffbec5a0d098374fdd6ffed682b9b0c98

Request headers

:path: /games/images/pc_mars_war_logs.jpg
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22770
last-modified: Fri, 26 Apr 2013 17:18:40 GMT
server: cloudflare
etag: "58f2-4db46b9e79c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcFA2I3TdQ8lg80uFRfuw7HIieGmKjsF8HVOkstdLi0amPAZM%2FpqzmBfsmKgjw8Cb5UZcYuIxPXMJp0UogPBdQ80RkQTcmFxIJiIqq05KkFPypc4gSp3VlZTihXxeBXFp66V"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d466903-FRA
expires: Sat, 30 Oct 2021 13:16:26 GMT

GET
H3 200 flag_uk.gif
gamecopyworld.eu/games/images/ 76 B
689 B 24ms
23ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/flag_uk.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b4502a5a623952c46395d726a3b6e303ffd954cc38388abc49dedd3d18b1295

Request headers

:path: /games/images/flag_uk.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 76
last-modified: Fri, 05 Jan 2001 21:17:48 GMT
server: cloudflare
etag: "4c-37a2636457700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VzN0lryYoa%2FF376Md3VBw%2FNkYsYuA15Ya5ybFRI%2FyePJhHE01lfovNbouUAlnDO8x3oXYCZKZTjD8f0xai%2BQO9UXJLRa6x1TxsJbfERPKSbSBV7BxyBG43KyEQJDitlhXnQ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d486903-FRA
expires: Fri, 01 Oct 2021 08:34:27 GMT

GET
H3 200 dsk.gif
gamecopyworld.eu/games/images/ 133 B
741 B 24ms
23ms Image
image/gif 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamecopyworld.eu/games/images/dsk.gif
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb247ae5fff70e8b751cf1fa1326f1a5164692094fbae47eca64f6a5a584f098

Request headers

:path: /games/images/dsk.gif
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535319
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 133
last-modified: Fri, 05 Jan 2001 21:20:02 GMT
server: cloudflare
etag: "85-37a263e422480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLyfQSeGoY0kkYlVMdiBwmyrOKoMpsEnXXBwKdCESm0lrC6mGhof3pjN5vyj6YGxD9vi0r0zFLFtI0cdzJCAwPn7VmvEWNABvwgGRYwjyi8p51oBkvbTZYUE6fmeigRIb4GO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 696db9c81d4e6903-FRA
expires: Fri, 01 Oct 2021 08:34:27 GMT

GET
H3 200 p1.js Show response
gamecopyworld.eu/js/ 34 KB
19 KB 23ms
23ms Script
application/javascript 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/js/p1.js
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfee47b19d95211872f1a4e09adf5a485f90bbca674bd8afeb4c208152940a1f

Request headers

:path: /js/p1.js
pragma: no-cache
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14746
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 17 Dec 2019 20:11:58 GMT
server: cloudflare
etag: W/"88d9-599ebf0b8877c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmbhxGxhn4m%2BbBfMlpPMTMPYaDAQRjmlDX%2Bq81v%2BoXIfkXhOakfEQjpgTh1ARHVpXLKF5pc7ljxfj1334merJq5lcDW2u%2Fx4THKkyAk3lcGZ1BYL%2BJwLTPHi9FPXUS%2BvqCDo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 696db9c81d506903-FRA
expires: Thu, 07 Oct 2021 09:10:40 GMT

GET
H3

200

@_ff_bt.php Show response
s1.filetarget.net/ Frame 0ABF
Redirect Chain

https://s1.filetarget.net/!_bt.php?sz=bn&sn=gcweu&bg=gcw_hdr&do=1&ns=0&nf=
https://s1.filetarget.net/@_ff_bt.php

407 B
826 B

32ms
30ms

Document
text/html

104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.filetarget.net/@_ff_bt.php
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73e0b7f46a5da27c20bde65487a9023552fac1304ecaede3bbcab9a5142806c8

Request headers

:method: GET
:authority: s1.filetarget.net
:scheme: https
:path: /@_ff_bt.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gamecopyworld.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7vlUzTfulKLynUf8aHUle2FDP8ka56SBf0Z0HR0A7k%2FspxdWifeHQCZQ5FYCWEuqcqu74mEXbrMMzDCBrzhNgrTyTUovUqtccSHPFZqfpitPW7%2BuW1IFQfKHSMUyDl3unzHAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c8ea554ed3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
location: @_ff_bt.php
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anUW24SrDOxM81Hn6y7synRac6ZtZ69pjtl6JpgoNw0lca%2BUtIOpFx6qYAhj75yzh9fOV1UM5zh9BajEdEaX7pqY%2Bt75StinKG%2FiKima6g5LJYzz0kUDEbrRDfOLTQ0%2Bi2vKSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c87d35dfff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

@_kgn.php Show response
s1.filetarget.net/ Frame E6F1
Redirect Chain

https://s1.filetarget.net/!_top.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf=
https://s1.filetarget.net/!_bn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&kw=
https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0

593 B
924 B

36ms
36ms

Document
text/html

104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f62c917903c8d77a36141138bfbbd09995e27b498c01b235ad801eea9c0f2f21

Request headers

:method: GET
:authority: s1.filetarget.net
:scheme: https
:path: /@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gamecopyworld.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6neFAnE7fQWyvQRUziSOCEIF1YcmQCwAVY11UJZSu8F0j2J%2FxFVFy0zHX4xHAMegXrZN7NTP2iXDIzNy1ms2SrKHkNIcnKUphSFBc1THScXuLn%2BXp6I9jqRD7QgizJnn5rLqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c91ab34ed3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
location: @_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNTmYDheJpQfsFAtoL9JrK8Hwcxkb1YBhtmz8vJw%2BPbZFaBUmKyzhXT8gUAsOPHI1RtI3N%2F8kkEn4jqHznIUT7EYblwnafEpkUgsQiyUe4WdfUYznv549rUNxjXEbh9hmnT6kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c8ea594ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

!_games.php Show response
s1.filetarget.net/ Frame 5B47
Redirect Chain

https://s1.filetarget.net/!_sk.php?sz=sk&sn=gcweu&bg=gcw&ns=0&nf=
https://s1.filetarget.net/!_geo.php?sz=sk&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0&sk=
https://s1.filetarget.net/!_sk.php?sz=sk&sn=gcweu&bg=gcw&ng=1&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=
https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1

596 B
890 B

40ms
40ms

Document
text/html

104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67d32079e66ed0cf54a4001803d72729af2b448aa7fee24e1b29e67f0f79e3de

Request headers

:method: GET
:authority: s1.filetarget.net
:scheme: https
:path: /!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gamecopyworld.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qKlZ1y4LeQfvFx5dH%2FFL6wQJbED3z1mYYtvwgNqYbg7i4TbGqKyj1NGAfL5CpAPSHAzwm0AR4wM1p7GADaUchu4LWIDrbYt1JjryU6R4VHunZrTs50YBXnsWfh1LISGHPZpJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c94b024ed3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
location: !_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lwvmZsQNBqWkPLu5vTFFN8qiBPVB3UDN40kTjfVXt3R27j6Hm2V%2BDeXdwfkv8lHQSPmr0pFlMJmfUiNhqymnhvWlOXwUAbdVqEAvf9eqwRrZZqDIueHNbvEAorA%2FtQF0jzN%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c91ab14ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

@_kgn.php Show response
s1.filetarget.net/ Frame D9C5
Redirect Chain

https://s1.filetarget.net/!_bs.php?sz=bs&bl=1&sn=gcweu&bg=gcw&ns=0&nf=
https://s1.filetarget.net/@_az.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=&nf=1
https://s1.filetarget.net/!_games.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=
https://s1.filetarget.net/!_geo.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0&sk=
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=1&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=
https://s1.filetarget.net/@_az.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
https://s1.filetarget.net/!_bs.php?sz=bs&sn=gcweu&bg=gcw&ng=&ns=1&cn=US&kw=&bt=&nu=&sk=&dn=&id=&nf=1
https://s1.filetarget.net/@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1

547 B
888 B

22ms
22ms

Document
text/html

104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.filetarget.net/@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b537f677a32d3562dbe514aa48df1869f9a936325e8bd9d3b7b4bca5fc0e6ed5

Request headers

:method: GET
:authority: s1.filetarget.net
:scheme: https
:path: /@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gamecopyworld.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHKAV6C5wdZuVoaCq250ClZ6%2FxlO7DqPsQVPuBfPrPEz08XMy2T%2FkafiX5GMoxAEFokp%2BruMjo8fZvp6QP9IvAGYf7lFN%2BguN7F5NSoscdneoC8lDIRQqNvSOOuMbdfhNcDk0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9ca8e064ed3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
location: @_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tn2PucGRtWzcNFgtozblzmugDjqAp3xqAnCm6%2BcLbn6LNiKUJFgwFdz9uf7t%2Btj%2BvxT6EtB3Wp3W0apBvho9mOjbJW7ArYvcdl87qLUamw4u79sUy6O69PVQK36bH4ILqh%2FIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9ca6dc64ed3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

@_tc.php Show response
s1.filetarget.net/ Frame 8E05
Redirect Chain

https://s1.filetarget.net/!_btm.php?sz=bn&sn=gcweu&bg=gcw&ns=0&nf=
https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1

529 B
874 B

71ms
46ms

Document
text/html

104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53b4b6183ff408bbbe5c93b23f548f9de9faac415bf3ed078ca1fbbd1f8d1d87

Request headers

:method: GET
:authority: s1.filetarget.net
:scheme: https
:path: /@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gamecopyworld.eu/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gamecopyworld.eu/

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BY9HOxb%2FU31k%2BUx%2F82wjVX6p6B7ci17WxB5JnyxkMp9D9L6TkXGrmVz4gAE6tRPJDdvF2N%2FKinNmKgd1ZtZZzZWgT5c7z%2B9E8eG%2Fnje5UqHxzKoS5ifzwbESt8mDHNgc%2B3odg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c8ea574ed3-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 30 Sep 2021 13:16:26 GMT
content-type: text/html; charset=UTF-8
location: @_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1
cache-control: max-age=0
expires: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F97UPfnJuhBdv8KhnQmIUgxhA6EiVoilT%2BJc6B26IiN5VqOoIiaBYG%2BdX3Pyq9daP%2BV4TQDLnhaaIUruu3ALR1x9YT6oQNM2lBW%2BRwXggH4c96NurGQrGA9FOKVtHLPs11Ac6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696db9c87d3cdfff-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 206 e0582_2.mp4
gamecopyworld.eu/i/tc/pm/ 1 MB
1 MB 41ms
41ms Media
video/mp4 104.21.16.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamecopyworld.eu/i/tc/pm/e0582_2.mp4
Requested by: Host: gamecopyworld.eu
URL: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.163 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a57d4eec8f59c20b61b8e048e0c5d1580da8c8ca52d7a9b383628319cd167a7

Request headers

sec-fetch-mode: cors
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-fetch-dest: video
cookie: PHPSESSID=rp33n4okne1jijppfpj67bee42
:path: /i/tc/pm/e0582_2.mp4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: gamecopyworld.eu
referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://gamecopyworld.eu/games/pc_mars_war_logs.shtml
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-1077157/1077158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1077158
last-modified: Tue, 09 Jul 2019 14:10:31 GMT
server: cloudflare
etag: "106fa6-58d401fa252d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pN7ezDSFAfRp%2FiIFqOQCpNLolYwVxiyb%2Bdu8572aM5gjCyhFdVhl1%2FfUqShXKoPqG%2BgLlxvMmHUST%2FZjOhqRujikMfa8vpTtoNoJ7kKfMGmTuO8mEnVC2wnooA7c2TbNGipH"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 696db9c89e8e6903-FRA
expires: Thu, 30 Sep 2021 13:16:26 GMT

GET
H3 200 bt_3.gif
s1.filetarget.net/ii/ff/ Frame 0ABF 8 KB
9 KB 31ms
31ms Image
image/gif 104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.filetarget.net/ii/ff/bt_3.gif
Requested by: Host: s1.filetarget.net
URL: https://s1.filetarget.net/@_ff_bt.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae4ffc957bd1ea93d5b3f2a7559e5a949c0f5e233626eb90b860147622534e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.filetarget.net/@_ff_bt.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 885084
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8582
last-modified: Sun, 08 Nov 2015 09:03:56 GMT
server: cloudflare
etag: "2186-52403c1a6f700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWWEYfwc9qvEaH9FmWeRRJ01MdDqQJ%2BlQ%2BsqMJ4GL%2FZYXpwfHhEalmnTsLUU%2BKRKUqtldgM9mK8N%2B4w4N5ZPBgboi%2Btf%2B00%2BrbtCLAySeD%2F9lZxP4T8J1HoUwAcM0r4SKqNF6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 696db9c9abc64ed3-FRA
expires: Wed, 20 Oct 2021 07:25:02 GMT

GET
H3 200 is_bn_harley_1.jpg
s1.filetarget.net/ii/tc/ Frame 8E05 42 KB
43 KB 25ms
25ms Image
image/jpeg 104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.filetarget.net/ii/tc/is_bn_harley_1.jpg
Requested by: Host: s1.filetarget.net
URL: https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c55d16bf5a37ade168f2d46f68d7d86d84e90be62c446dc57e859c82ddc092a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.filetarget.net/@_tc.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=0&id=&nf=0&np=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 637419
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43097
last-modified: Thu, 03 Oct 2019 16:34:15 GMT
server: cloudflare
etag: "a859-5940428032a51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc42OXXDABTXkhiWfDhybuDvspjRyBs%2BjR8xqLqvPHXR0RZ6Sm98l3OAMDgs5CjmK25TUMV7jkXzO1oiqfJQMDC1RJVeLL7n8vI7Xgvx9F%2F%2BPUpyzpKGggAeXLonJn2cjtJ5ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 696db9c9abca4ed3-FRA
expires: Sat, 23 Oct 2021 04:12:47 GMT

GET
H3 200 codcw_bn.jpg
s1.filetarget.net/ii/kgn/ Frame E6F1 7 KB
7 KB 32ms
32ms Image
image/jpeg 104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.filetarget.net/ii/kgn/codcw_bn.jpg
Requested by: Host: s1.filetarget.net
URL: https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e080d2ca2618286e291228bace3164f151a53045697ec82e660b1ef54a0d01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.filetarget.net/@_kgn.php?sz=bn&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1241612
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7070
last-modified: Wed, 21 Apr 2021 11:19:52 GMT
server: cloudflare
etag: "1b9e-5c079bde1ddf4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AZy8%2BBSjniCCHzDV28cOqCABNMvwuUNe%2FaZxDe7Mu5aONjUF4hAYxE6bcJbOeVHmFKjwAoP3Mmb6B7w033dhnG7SjVYfq%2B4mdeDTzHzeoGNREKXXfkOmarYdm%2BY3wc7tUYC2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 696db9c9abcd4ed3-FRA
expires: Sat, 16 Oct 2021 04:22:54 GMT

GET
H3 200 alien_sky.jpg
s1.filetarget.net/sw/sk/ Frame 5B47 15 KB
15 KB 17ms
17ms Image
image/jpeg 104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.filetarget.net/sw/sk/alien_sky.jpg
Requested by: Host: s1.filetarget.net
URL: https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1177fb9cd36cd194948678bb2b1edadacf9211108cca9a644ad6e3fe74c223f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.filetarget.net/!_games.php?sz=sk&sn=gcweu&bg=gcw&cn=US&ns=1&id=&nf=0&pr=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1505375
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15233
last-modified: Tue, 20 Nov 2007 15:16:16 GMT
server: cloudflare
etag: "3b81-43f5dbf031000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEt6meWs0H%2FGRwa7juLROda2gXo4PELbo5LiuWSoq3pFzZi9USxTEKIp9CN8F5NQQ4Wjljpu%2FnL0VIbzWlUpUGiT6Oscv4f5MtI1pHMIJ1cHR9xtrgW7XSICFseoolzIJAWo%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 696db9c9abd14ed3-FRA
expires: Wed, 13 Oct 2021 03:06:51 GMT

GET
H3 200 sottr_bs.jpg
s1.filetarget.net/ii/kgn/ Frame D9C5 22 KB
23 KB 34ms
34ms Image
image/jpeg 104.21.28.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.filetarget.net/ii/kgn/sottr_bs.jpg
Requested by: Host: s1.filetarget.net
URL: https://s1.filetarget.net/@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.28.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262c55ad26dd4448b75eb8cfc19396b8a7483d86f334cc70cf5ba81ba510b78b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s1.filetarget.net/@_kgn.php?sz=bs&sn=gcweu&bg=gcw&cn=US&df=&ns=1&id=&nf=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:16:26 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22958
last-modified: Fri, 21 Sep 2018 10:06:38 GMT
server: cloudflare
etag: "59ae-5765ecba07b0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdZLix2%2BcdcGCDjCTtwlimItcNliC0dYLssq6J3SHzo5JLjFLAb6tY%2BoSV7oNFwpKGZmz8GEPazOgPTJUdhiTFB2dk%2FzWJ0tq5IUZ%2FRSY%2BHoD45oCKT3Ko2uBt4%2ByCUcB2TdKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 696db9cb0f424ed3-FRA
expires: Sat, 30 Oct 2021 13:16:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVQ05LQZ1zjBG2od0i2-gjxax8nTUQjlo8VpqiFn423nNlZER4suUMlv7TngKSu7v20DjMneais75w_C2M6_Nf-zt32tOj9ZIbEnYYX4KiA5nE2CU&sai=AMfl-YQK27VYgA5r2i0n7Xc-EgA-fkXjWtDPMCIh2RqQbg9OqCnz-IB0iY_4JcvZWgcZcCJLa7HquUwRnzK-&sig=Cg0ArKJSzHtosD9lzukaEAE&id=lidartos&mcvt=5837&p=9,438,99,1166&mtos=5837,5837,5837,5837,5837&tos=5837,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2451648850&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1633007779414&rpt=866&ec=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrY0xa-6VX14J1wYSkphKAFeyovjrEd5eyBEHg8NxHbpJPjxwKk-6nEoCNMhLpoT4aVRpeDVbqvoaIALEi4vgw4uhdQKF-Wh6HuUJZJWrDi81orv8&sai=AMfl-YTAAorvbiBOAcsWIlTm0Yvgup0YvJTS1UU9CgmbBlyxsaYLMDr6MsZdP6tsp03B2CrqUbUQtAxlz0l5&sig=Cg0ArKJSzMZ2G7mNBwk7EAE&id=lidartos&mcvt=5733&p=104,868,354,1168&mtos=5733,5733,5733,5733,5733&tos=5733,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4210093258&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1633007779431&rpt=955&ec=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnYJQi5uaspMkzvW9pGKllLf3LOAdvkxeOH5o3zpDm4uOuq2YGKvgvROE2iZXskyOpV-R-bXbtcxyrZhQvqH9BkxKwZxtgGiBEBscCDxmtM0M_Wq8&sai=AMfl-YR8iFf8a8p3-_DNmS7sWx6d4FkCUp92Y_lcHRM6UKlplFD51bcahecv18RTCnagvs04jCbFPsZXIU0e&sig=Cg0ArKJSzPr7IMb9LIGTEAE&id=lidartos&mcvt=6102&p=411,566,469,1034&mtos=6102,6102,6102,6102,6102&tos=6102,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=4048629624&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=u&rst=1633007779443&rpt=556&ec=0

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
d2.consoletarget.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: r1jjk9sute01pqfl7bonq3i9j7
adserver.adreactor.com/	1970-01-20 06:22:23	Name: ADRUID Value: 587bb5b959156b9d9f0fe117cd657711
.consoletarget.com/	1970-01-20 06:58:23	Name: __gads Value: ID=84c10c07cc402d34-223f98b57ac900e2:T=1633007779:RT=1633007779:S=ALNI_MaRT3ciKN-b8f68HU5obZXfhoZ6Wg
.doubleclick.net/	1970-01-20 15:07:59	Name: IDE Value: AHWqTUlfee-xr38-yKEATwwNcCngbC7bSYGzZ8lx4ls5nLUXzhIEIR0sC6q5XzDqZiw
.doubleclick.net/	1970-01-19 21:36:48	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:36:51	Name: DSID Value: NO_DATA
gamecopyworld.eu/	1969-12-31 23:59:59	Name: PHPSESSID Value: rp33n4okne1jijppfpj67bee42

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://adserver.adreactor.com/servlet/view/window/javascript/ajax/zone?zid=23&pid=8845&uuid=587bb5b959156b9d9f0fe117cd657711&sver=1&pvid=21377460&resolution=1600x1200&random=26116500&millis=1633007779445&referrer=https%3A%2F%2Fd2.consoletarget.com%2F%3Fy%3Dcdd07634%26x%3DktVrDlr%252BQZgiyDAa2CWtTJWZR7mJ%252Fya98O5DH%252BZrC1kk7R5dxzj%252F8hZb1J%252BUQ9K7ZKFIj%252BsfcAkMaUlwAKBB9TrU4pu%252F8UWsqpM9wqUeaXE%252F%252BJX0heuxH%252BKGSlJkpRbQleHDx6whNEqkKAmVk7J56Hl4To%252FWf26wlX1R1bkQHb4%253D Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adserver.adreactor.com
adservice.google.com
cdnjs.cloudflare.com
d2.consoletarget.com
gamecopyworld.eu
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s1.filetarget.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
pagead2.googlesyndication.com
104.16.18.94
104.21.16.163
104.21.28.110
142.250.185.130
142.250.185.98
142.250.186.97
172.217.18.98
172.67.148.24
216.58.212.162
216.58.212.164
46.166.179.123
060c126a38460626d946329d21b142e8549a27661bd40dbb5b61dd015b5bc44c
0b4502a5a623952c46395d726a3b6e303ffd954cc38388abc49dedd3d18b1295
1177fb9cd36cd194948678bb2b1edadacf9211108cca9a644ad6e3fe74c223f6
17acbfa149f7a2c600a5e6aba0ce4d505d84368216f12aee7fecdd53a4f24daf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a99c050ba983fd07957578bdea213d67453f6d724a40914a2f29ea03aac49c0
1c55d16bf5a37ade168f2d46f68d7d86d84e90be62c446dc57e859c82ddc092a
262c55ad26dd4448b75eb8cfc19396b8a7483d86f334cc70cf5ba81ba510b78b
2849484c9ed181b9f9aff94fa6058937af8d8bfc8765b7e66560ab96597bc5ca
2e1dda8f4d03002070076628c25fcfc80c63797c31b3deade9c0f12437928bfe
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
342eb91d51c7a9e6f87b1b8b9090b371fcd6940d6e976dc69060f01d95361681
343d41b6534ec3dc054e614fba31ae351badf3ac51d7bb9e968476c330774fd9
3523f4564607513e81b5fd0c6612a4e7dd94cce6830b24843bcb79b277d253ca
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
49e94ae45a0fa8efe4ce0e945476a0911223c376d360b3f5a7ee96b244c711a1
4b9bccdbe5e54a43b311d387bcd57a43b5063c962af7ba60bef421aa61a6e491
4ce1b0024647ba71e155c85282b66ce435de0be7fa1e04aaaa7371adc8642afd
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53b4b6183ff408bbbe5c93b23f548f9de9faac415bf3ed078ca1fbbd1f8d1d87
54e080d2ca2618286e291228bace3164f151a53045697ec82e660b1ef54a0d01
660fde42e9d1de3cb20426daad1a75af8462fb17a9fe295ca61020350c68e5b9
67d32079e66ed0cf54a4001803d72729af2b448aa7fee24e1b29e67f0f79e3de
69498b7ca4ec29135401e758efcca85816ce24a5cdfd06fd74f66f8cd69900a5
6ae4ffc957bd1ea93d5b3f2a7559e5a949c0f5e233626eb90b860147622534e5
6cd4f9a5632b15e92a7340e3ad8f329ffbec5a0d098374fdd6ffed682b9b0c98
73e0b7f46a5da27c20bde65487a9023552fac1304ecaede3bbcab9a5142806c8
74e66dd032ef31ab9ff62cf1eccb28e325483454b2794f2bfba58c18b514d457
7a57d4eec8f59c20b61b8e048e0c5d1580da8c8ca52d7a9b383628319cd167a7
836864ca0c14dbea8cc6f12c18e99b4cca062d26c5a1873fc83c239a153bf693
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
8aecdbe2b9eb48816533c004a9d5052250a3f74193b9ade1a36a73b66a7353af
8c539a5a975d1f85ea0c0d782ed6fbd77da129a531005f5320d067aeedcfc37b
8e29ced21064904106c1f061d0668842e8da5d0484f11dabf5e29200e0f3dedd
95af585291f2fb21865cb55c59d9c8fcf9c7a5bef0f525033a15a22f846454a2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bcf7ab961863c643d6db0ce720b7cddad6e9135b2b52f4ac6b4879d81b1f64
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
a8976959ee6a37392fa435cfabf7935aeabf34f509fbb6e46a931b448402717d
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b0d991e37586d562816f1943c3fa080f5ecf1c2b5dbdd30a6f5f92abaa42c179
b537f677a32d3562dbe514aa48df1869f9a936325e8bd9d3b7b4bca5fc0e6ed5
bfee47b19d95211872f1a4e09adf5a485f90bbca674bd8afeb4c208152940a1f
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
cb247ae5fff70e8b751cf1fa1326f1a5164692094fbae47eca64f6a5a584f098
ccca0dba2f0d3225f8c05ff7e36c3897965d5a37f1d41318d99075c92f368383
ce0b184f89d9ddaa98932334dd0b3e8433fd917b568f9272fae2a3459e0bc0c7
d7f53fe655005e5c76409d0d5cbde112b974bf6fd18b38c958c6da337ddac66a
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
e33ad6d83b000dda5c66bd85a500c8d1f7e287b67145e687513d074f590fa231
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa2ec1d872cdd22f2ca6aedea7b686c7eda3867f5d28c1321891a775edb7ad8
f62c917903c8d77a36141138bfbbd09995e27b498c01b235ad801eea9c0f2f21
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

gamecopyworld.eu Open in urlscan Pro 104.21.16.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

92 Requests

97 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

12 IPs

3 Countries

4757 kBTransfer

5897 kBSize

7 Cookies

13 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gamecopyworld.eu Open in urlscan Pro
104.21.16.163 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

97 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

4757 kB
Transfer

5897 kB
Size

7
Cookies

92 HTTP transactions
3 data transactions