www.unknowncheats.me Open in urlscan Pro
2606:4700:20::681a:dfb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Submission: On September 10 via api (September 10th 2022, 5:25:24 am UTC) from HK — Scanned from DE

Summary HTTP 193 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 25 domains to perform 193 HTTP transactions. The main IP is 2606:4700:20::681a:dfb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.unknowncheats.me. The Cisco Umbrella rank of the primary domain is 333961.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2022. Valid for: a year.

This is the only time www.unknowncheats.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:20:... 2606:4700:20::681a:dfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
9	18.66.147.50 18.66.147.50	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	141.95.98.69 141.95.98.69	16276 (OVH) (OVH)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
24	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2 2	18.202.123.230 18.202.123.230	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223f:f800:8:48e:53c0:93a1	() ()
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
8 10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4 8	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
34	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 4	52.19.103.22 52.19.103.22	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
193	36

37 2606:4700:20::681a:dfb (United States)

ASN13335 (CLOUDFLARENET, US)

www.unknowncheats.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adligature.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.147.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-50.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.202.123.230 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:f800:8:48e:53c0:93a1 (United States)

ASN- ()

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.19.103.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-103-22.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174 ade.googlesyndication.com — Cisco Umbrella Rank: 316	266 KB
37	unknowncheats.me www.unknowncheats.me — Cisco Umbrella Rank: 333961	581 KB
34	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	779 KB
27	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226 stats.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 303 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	281 KB
9	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2894	219 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 904	6 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 329	5 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 19	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	20 KB
4	demdex.net 2 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 48019	4 KB
4	adsafeprotected.com 2 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 867 static.adsafeprotected.com — Cisco Umbrella Rank: 791	1 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 362	47 KB
4	adligature.com cdn.adligature.com — Cisco Umbrella Rank: 83785	186 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	132 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	46 KB
2	exactag.com m.exactag.com — Cisco Umbrella Rank: 11230	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1510	344 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 708	365 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 636	14 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480	93 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	115 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1893	334 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 5202	792 B
1	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 7868	28 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5935	208 B
193	25

	Domain	Requested by
37	www.unknowncheats.me	www.unknowncheats.me client
34	s0.2mdn.net	tagan.adlightning.com s0.2mdn.net
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com tagan.adlightning.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
16	tpc.googlesyndication.com	tagan.adlightning.com c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com s0.2mdn.net
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
9	tagan.adlightning.com	cdn.adligature.com tagan.adlightning.com c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	googleads4.g.doubleclick.net	www.unknowncheats.me
6	googleads.g.doubleclick.net	c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com tagan.adlightning.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	skydeutschland.demdex.net	2 redirects c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
4	www.google.com	c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com tagan.adlightning.com
4	c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
4	c.amazon-adsystem.com	cdn.adligature.com c.amazon-adsystem.com
4	securepubads.g.doubleclick.net	cdn.adligature.com securepubads.g.doubleclick.net
4	cdn.adligature.com	www.unknowncheats.me cdn.adligature.com
3	www.googletagservices.com	c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	s0.2mdn.net
2	m.exactag.com	c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	static.adsafeprotected.com	c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	ajax.googleapis.com	www.unknowncheats.me s0.2mdn.net
2	www.googletagmanager.com	www.unknowncheats.me www.googletagmanager.com
1	ade.googlesyndication.com
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.id5-sync.com	www.unknowncheats.me
1	cdn.viglink.com	cdn.adligature.com
1	pro.ip-api.com	cdn.adligature.com
193	36

This site contains links to these domains. Also see Links.

Domain
www.iwantcheats.net
proxy-seller.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2022-06-01` - `2022-12-08`	6 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2022-04-01` - `2023-05-02`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Frame ID: C6446E2F58907F9E7F6E7E93A87160A3
Requests: 68 HTTP requests in this frame

Frame: https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662782400
Frame ID: 0413E138666144453CC814E8B898E7FB
Requests: 3 HTTP requests in this frame

Frame: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F8AF8A2495E70E3895D7EEC1B1F9FC1A
Requests: 1 HTTP requests in this frame

Frame: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F92069E7B784799EB69191F1ED59C348
Requests: 20 HTTP requests in this frame

Frame: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0CE91706DB15D0256FDC1021BACC9CE6
Requests: 18 HTTP requests in this frame

Frame: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F80DFD420E4B3F0338036FE18901486F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNXtVq5ERtbd1UcaulJh9VkFP0htdhQyVGnZ2qC1RRXpkRSHV69-w-JO8vjPYzot6bg35C5D3O7cg29ViLwV-Ji4C4-UEpwefYYL237hJ7s_1XiNKEP9q6slpsrRLEAvcb9pB0U1LXweb5cky9z3PnOAshGMt3Gk0bra_FKk--JxH9-_cGY
Frame ID: 1D78E66B317918D488797C2AD7F9A0B7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNXBqTNEwgY_Quxg2EcLGxk0Hs5sASPsHxb31qoxAfjhHsKoCIDjD6M1pZ8J7Qd60a1hm7mjLW9IzmpOM2f8-eKuHGYcOjFto2Thq2SqhZ8fKRP7faSgRQ27ONV82zWD07b3SL_escIZ2k55trL-OLU6fvXzhefgGzolsBQBWPzSwfiHVIk
Frame ID: BC738E7ECEB9BC2B1EB1AB48EF021DBA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNUaxDd4OrkyWuP55nlSmKE10YDUlgRKAvApWhCxL52LFy7Kk1bcQJLAmf1495dz4osWP0sqtOWUed-QI-ez28rT-4VZqSp73slpI0z-AAY0GvKooT1fWym1h0NhfDipwX7Ysy4wvL2aQcvHd9U5vFFgGShr979EWeAFsdXnoSIXhYEPUL8
Frame ID: F4B012109B98F4E07266903231F0E9BF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 99AA23BF6DB1EB2F7E27B3115B978D91
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE974EF406BB76F5D01EC35181016B85
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
Frame ID: 558442A8CC6009821423EF8587AD1848
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
Frame ID: E2201DDEDAA2E52CC6A011297C4E8550
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
Frame ID: 5CAF31E87909B3D4893409D89895E4AF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C5CABE476AD8723E2CF3A656E3C5190
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7F64FC01DD3FBA82B4AE6D6AE2AA8B7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 416A49A4DE73A2A30B8CA568AB541512
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: D275F5F4C945D73D171DA6114794F1B8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UnKnoWnCheaTs - Multiplayer Game Hacking and Cheats - v 0.228

Detected technologies

vBulletin (Message Boards) Expand

Overall confidence: 100%
Detected patterns

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

193
Requests

93 %
HTTPS

58 %
IPv6

25
Domains

36
Subdomains

36
IPs

6
Countries

2821 kB
Transfer

5807 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.iwantcheats.net/warzone-hack-cheats-aimbot-cod/

Search URL Search Domain Scan URL

URL: https://proxy-seller.com/?utm_source=unknowncheats&utm_medium=smm&utm_campaign=banner

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://pixel.adsafeprotected.com/rfw/st/1083870/65517242/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008819312&ias_pubId=pub-5271106494767468&ias_chanId=1&ias_placementId=18157601480&bidurl=https://www.unknowncheats.me/forum/downloads.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jPV-lUx0Uu7oUduwqKrQks HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 90

https://pixel.adsafeprotected.com/rfw/st/1083870/65517242/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008819312&ias_pubId=pub-5271106494767468&ias_chanId=1&ias_placementId=18157601480&bidurl=https://www.unknowncheats.me/forum/downloads.php&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hdpF1FJ1Do4v-ApA_AGlbM HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

Request Chain 104

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxwfuoivwJnruoGfiAJuggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1

Request Chain 106

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxwfuoivwJnruoGfiAJuggAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJAXEMcqAIRA-eJ-ljA2aJE&google_cver=1

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIdyzr_uZ45yRirVbh7585c&google_cver=1

Request Chain 127

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=646619035&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=646619035&gdpr=&gdpr_consent=

Request Chain 141

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=2748347528&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=2748347528&gdpr=&gdpr_consent=

193 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request downloads.php Show response
www.unknowncheats.me/forum/ 45 KB
11 KB 614ms
593ms Document
text/html 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845b4623bab575a3308ed69b25c29ff17f62aa418a7f309672052d5388302a2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 7485bddd3b0bbba3-FRA
content-encoding: br
content-type: text/html; charset=ISO-8859-1
date: Sat, 10 Sep 2022 05:25:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: private
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCi6Y8w6Em3VbCfRLmxLeJUwWtrw9EdKz7AsUCLzL42Dk2uXcVm%2FjZljXIjml7EFLeGCZbN315vAX5EKrXh4rsqaTlR1mYsz%2BDpHqj2nRMdBvNgh2cY0ymjWkbAqB9bxlCxrmcsGstGSC6L%2F7cvhAoLc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-ua-compatible: IE=7

GET
H2 200 style-71813e7a-00033.css
www.unknowncheats.me/forum/clientscript/vbulletin_css/ 5 KB
2 KB 23ms
21ms Stylesheet
text/css 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-71813e7a-00033.css
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6db38d6efcac0437b7eb841161dd6f5cfa113d6d3962271601ad2313fe7a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4564
cf-polished: origSize=7230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 09 May 2021 06:27:41 GMT
server: cloudflare
etag: W/"1c3e-5c1dfc216a009-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy%2BqfzPQMnz4z0Aj9HacTgMS%2FtOt8baKW1nLG6gIB2GJIur%2BDCHZjJA0hixLd6Vajji%2BoeSqFU8E2cDx8xaXaJQjkkZcQW%2BW7KSI7LcYY0r8eRdsKehjDQbF9v8Phd9f3BreYcsgKVS%2Fpq%2FXj0oTLDQm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 7485bde0f800bba3-FRA
cf-bgj: minify

GET
H2 200 vbulletin_important.css
www.unknowncheats.me/forum/clientscript/ 404 B
541 B 24ms
22ms Stylesheet
text/css 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_important.css?v=387
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e658790158fe348fcc8d328c7c8bd06aa42ce2cda12823e771cf04d21185ef88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313
cf-polished: origSize=1690
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Aug 2013 18:13:18 GMT
server: cloudflare
etag: W/"69a-4e3aff64f0b80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVRHW4jhG%2F7pCo6z8zwWclZdoZHQ8YaYcIBsU00qwOJnahOQV8VK7d4LoUMIAyQ47grLsHngzbtuVOzm%2FpSHwN7Fhq5W1N5wU33w83Bvi8QIhpcS6lVLeYeF2wgOmbhLaVVXeWwmXfKAdX9Cjfkv0%2FcG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 7485bde0f803bba3-FRA
cf-bgj: minify

GET
H2 200 yahoo-dom-event.js Show response
www.unknowncheats.me/forum/clientscript/yui/yahoo-dom-event/ 36 KB
13 KB 29ms
27ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/yui/yahoo-dom-event/yahoo-dom-event.js?v=387
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210415b78a14ae0ea35a1128937bcbf750649cafaa4d26dd4b20abf9125f76c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4619
cf-polished: origSize=36628
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Aug 2013 18:13:33 GMT
server: cloudflare
etag: W/"8f14-4e3aff733ed40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0WsBQO6hYY7p7S0svo0YvVk%2BBVDgIPH1qQQbiWxW1%2FyD5X8cS7eFo0uK%2BoXHnhaHzCRG3jMDH6RkNGD%2FT2TyrEDlu1CGYgqOBRIYQog840acgfhdXaq%2Fbayzg1Mfmg5V0toFEml%2Bx6H9xR4u1B%2FEha1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 7485bde0f806bba3-FRA
cf-bgj: minify

GET
H2 200 connection-min.js Show response
www.unknowncheats.me/forum/clientscript/yui/connection/ 11 KB
4 KB 26ms
24ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/yui/connection/connection-min.js?v=387
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0297b3ea37cda46af5a08ed89b1563987e6f6a233286e1a373668776134841c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Aug 2013 18:13:30 GMT
server: cloudflare
age: 3385
etag: W/"2d54-4e3aff7062680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLAMmVzYpjnnrfRwsT8radmmM3LZpNzuyEjRo46r5iOba348w0gWND5%2FeI4xERjndrVB5ojwXNw9iqUvIfTn687kgr7JWDJslsc5bB06B9VsMVqwEpExuhzDqGwEMd40gUJ%2B%2B9vAHopAa9Z%2F2ROaO9GO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7485bde0f807bba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vbulletin_global.js Show response
www.unknowncheats.me/forum/clientscript/ 25 KB
8 KB 30ms
28ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_global.js?v=387
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5daec86e296b73a5efc0d38d2ba51810c6be5e1d9f2344ea43d087285f145bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4619
cf-polished: origSize=26010
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 21 Mar 2018 21:22:50 GMT
server: cloudflare
etag: W/"659a-567f2cb0e1e80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPYiB24P16m42qnuIemk%2Br3Aj9hnLyAZVs%2FGcH%2FT9qrmyaeG9l%2BFhtAvgDxM9EETAUkZYT%2BaTLhGFZkf3G3TVgrUpRj%2Fdm8tpXchXEFAVe7se99Nkk8BPOwKngs6%2Bpbuqd2MGuHj6vGvfQfny5MYJL1i"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 7485bde0f808bba3-FRA
cf-bgj: minify

GET
H2 200 vbulletin_menu.js Show response
www.unknowncheats.me/forum/clientscript/ 9 KB
3 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_menu.js?v=387
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183f9a7c5ffb8321d9ba11e68c274f4060d0c9efc87275402a94c41ba5f59a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313
cf-polished: origSize=9441
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Aug 2013 18:13:19 GMT
server: cloudflare
etag: W/"24e1-4e3aff65e4dc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsyGiwLWiBOe6oLHSw4rcg4TkH5IssCDG5Fyt63ygrn6FrSfSAR7A0MpnSUWA1QkjbgDTdHSc5RD%2BGoA0%2BkaNixExIocqc2HLnw33AGN%2FEYgOYs5461QXsWU2%2BQFCwDqTyuEwVJIc7JGcLyjvJ%2BxPYwM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 7485bde0f80abba3-FRA
cf-bgj: minify

GET
H2 200 prettify.css
www.unknowncheats.me/forum/clientscript/prettify/ 1 KB
795 B 20ms
19ms Stylesheet
text/css 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/prettify/prettify.css?v=2
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeaf7add3eac1012ec3ee5fc79379c7feb1ec7f20a86322c5393a434670a531a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5294
cf-polished: origSize=1221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Sep 2016 03:00:59 GMT
server: cloudflare
etag: W/"4c5-53d4c388b10c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dI%2Fgj5dBGgakjFfTT5hziUBsyXmFQFLBsJZpLQNI6Nq3g4h3iZ6hMMZ60iavCu0lUGFja1C4fjAkiMsjC33YIg97lVZQw8rutzEK7E7sDrtklmBXBjczX%2BLSI%2FEDzHhZzOFRlbfZDiPODExq5HGGVZt5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 7485bde0f804bba3-FRA
cf-bgj: minify

GET
H2 200 run_prettify.js Show response
www.unknowncheats.me/forum/clientscript/prettify/ 16 KB
8 KB 24ms
22ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/prettify/run_prettify.js
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b8bbf477cc5f4448f15bcec10afbded3707219ccb6244448b85e0854c0de11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1076
cf-polished: origSize=16754
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 28 May 2015 21:22:14 GMT
server: cloudflare
etag: W/"4172-5172af40b4d80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oqqpfyt7SrFhROjAbRTNYVcpWLlru%2F8R5Y35JNfznyJOiS44fSEXhgGixVlo3UQbTbcUbZ9U%2FgcmyxVLDTM2C11Q5bKz8OgOg2%2BIEUySIHCB26OdmLpvEo%2FtlnpA9Drg7sPqHgoiHTTgouMhTsMa%2FLzm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 7485bde0f80cbba3-FRA
cf-bgj: minify

GET
H2 200 usertitles.css
www.unknowncheats.me/forum/clientscript/ 10 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/usertitles.css?v=5
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29613220adae0f4ec529fb7ff252d75145c96e7566461642579f4f491eb3ee4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4619
cf-polished: origSize=11761
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Oct 2020 11:39:46 GMT
server: cloudflare
etag: W/"2df1-5b177c15ea96a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01N1mmw2AYHqbjrIlqnL8aDAxBukyVuIjjknEEnmfXsS9j6FrIX5%2BvNTmuPMWgrMwdOCfPHwZutlqcBIgHxkgZ%2FFVVlOHCpnpRA7O2cUOjUim8g0VQNwTSY%2BpOR18425dgKaNvaM%2FATvihcPHjYyEHCk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 7485bde0f805bba3-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 40ms
16ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9795118-5

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ff8ab39af19317c451ca38036367565d7716697378a7689b8e12d0ebaf2e24da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42929
x-xss-protection: 0
expires: Sat, 10 Sep 2022 05:25:12 GMT

GET
H2 200 rules.js Show response
cdn.adligature.com/ucheats/prod/ 23 KB
6 KB 192ms
171ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/ucheats/prod/rules.js
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aebf5f9493bf804a640a36497b5b28da385f28a8c45751c5838ee1f7c0624e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=ix5e0Q==, md5=g+c8uT1foeEYL9bGnxrTNw==
date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=35084
x-guploader-uploadid: ADPycdt94fhitdXqB66-SMZM_-nSgEZyXAwlb3IjGN2yhXVii2gXCcYJZWyF03R9StNkV-bR1YzkPJ6IHaIIvD_g2Ye8WA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 20:16:45 GMT
server: cloudflare
etag: W/"83e73cb93d5fa1e1182fd6c69f1ad337"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4QvR75Y9LEwXQIsfO30v41Z49ZlbX6KmhuXBasSExE0fcASnEf8LYbk1bCnTBWnnl%2B8cwAaCaGaIqXqpRDeha3sIs48V0C5Uqz1GKtG8Vy7zNOJMGmtCt2CGa%2BDkLR121vXMy8uq8Cwiur6cEmz09E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1659471404936542
content-type: application/javascript
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length: 35084
cf-ray: 7485bde11fd7695e-FRA
expires: Sat, 10 Sep 2022 05:35:12 GMT

GET
H2 200 uc_imageresizer.js Show response
www.unknowncheats.me/forum/clientscript/ 5 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/uc_imageresizer.js
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d2475aaa70c3d241c85f61b88a1c6d0b758710433c350a455f63b0c5fd3e29a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Apr 2018 20:38:45 GMT
server: cloudflare
age: 4619
etag: W/"13c4-568f7b1567f40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFiX5yLvL4Ps%2BgomDnPv7S1V1TdGFhgxq4WtppPuMKIADabKN4UmZL58zTEbSWXY0OyPlTVkS2fbqwugI1PWHHS1iYMiYaeNARelqIgAd4965nc5WWV9x4MtsDWp5wh1zn6QrI27Zb7mFG38OACGVyLA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7485bde0f80dbba3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 ucdownloads.png
www.unknowncheats.me/forum/ambience/misc/ 30 KB
31 KB 20ms
20ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ucdownloads.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd295e8bad964edf9f03a9ca51f9ea53f0f8c9630ef30fc0a00b532fcccb2a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1741
cf-polished: origFmt=png, origSize=33571
content-disposition: inline; filename="ucdownloads.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31114
last-modified: Wed, 23 Dec 2015 01:00:17 GMT
server: cloudflare
etag: "8323-527863ed80a40"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upH8O0zXJWzzS4O9SYkjwISKHFpGb2s0Xe9GnLml%2BY%2F00eJJOGVLBPxTKnHfEVJKBTF%2B%2F30u%2FaZmgqzxXS9L4BOdI3X7p%2FnCDGotXTyxEaK7eGEydk9xV3YKHlT2qzr%2Ff7ZVx24obME5w8J8Pdnx6Qzw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde1cfe2bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 forum_banner_x.png
www.unknowncheats.me/forum/ambience/misc/ 144 B
718 B 22ms
22ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/forum_banner_x.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30bf0a4666d1d3b78111dd607b466bfbbd06eb7eba869d9fe50f04cfcc104e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3143
cf-polished: origFmt=png, origSize=293
content-disposition: inline; filename="forum_banner_x.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144
last-modified: Mon, 10 Apr 2017 10:08:30 GMT
server: cloudflare
etag: "125-54ccd28332380"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXvtA%2BoxaqKoHnXi7W%2FHSTls7sigS1yl27iytB1PhiJYiOkEhD%2BwtUf1ocv%2FedWTmGXzNucryTOaOTFkopsytQhZD6oRBwL3DV74%2FLk%2FGi9pcJ4dBSPIdUPTuTUrrcS4y%2Fi9VbC2iZFunBypYrHPNQKJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde1f820bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_home.png
www.unknowncheats.me/forum/ambience/misc/ 248 B
817 B 21ms
20ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_home.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c76be96ebfe8065f9d9bbf58b776f1f94e356da3065cd21780a9a8a94de8b58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2313
cf-polished: origFmt=png, origSize=310
content-disposition: inline; filename="ambience_nav_home.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 248
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "136-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gCfkoHDagSneNZVpHGbYH0q10rCcEfCIz5piXBNknHyIazBXUgRsG2vbxwdXDB6IbLvodJGrmaVeY18tgIuouQQcZFlpsqs9EdUdFIvY6d%2BGGgr8L9qbbpJNLwt2iL0IqD1pIZANr5F%2BJA90DYPgzft"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde21864bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_forum.png
www.unknowncheats.me/forum/ambience/misc/ 226 B
797 B 19ms
18ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_forum.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b274b33bfff219d321071de0b11e81c361b48532d38a9bfa2c5f9fa6c5a45f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6405
cf-polished: origFmt=png, origSize=277
content-disposition: inline; filename="ambience_nav_forum.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "115-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL%2BB2toHaRRZ4s3A6RApjUPzHwZzhTKueHg9mi8mmDm7qgjFjrACm8n0Op%2BrIOkntsBYnEOk8qQBI85GKvnulnZ4wgHUEhqBuH8lCROl5IbwtcHSIzSga6xhM%2BL0wcrE0DfM3AVvdHQFQtnLYx5As8Ih"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde22889bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_ucwiki.png
www.unknowncheats.me/forum/ambience/misc/ 246 B
820 B 19ms
19ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_ucwiki.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d59ed52c51b0badfc13e95ac916e50649bf71d6b1757fda2d2a0843f869f26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3141
cf-polished: origFmt=png, origSize=320
content-disposition: inline; filename="ambience_nav_ucwiki.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 246
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "140-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VcWbnmqsOLmKOHyl3K6YcX6PZGf1MpILIEII75%2F%2BGAC2HRtuYn4XH4HMNgiARxCYYEHCVha2JoV4YkLIaudDW19kMrST7D0pUjQdHEeHwOsL7VpovqfniCi1d8U27wQ3LdTmU5PKN0DFQC%2FbpG%2F0mVJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde248b0bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_downloads.png
www.unknowncheats.me/forum/ambience/misc/ 264 B
843 B 20ms
19ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_downloads.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3494aa511521699cb90ce58b95524b7632254270e6dfec8e58a8c0c13105d568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6404
cf-polished: origFmt=png, origSize=315
content-disposition: inline; filename="ambience_nav_downloads.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 264
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "13b-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4vkTxR9iiHhKlw2%2BqKspr%2FCGaMYoKhG%2BdSzKtn3SL7lybFiGVKqN2vcjOcZqWmh5F8XOOgMsIgu%2BmX3tKQAPTxKPKfzyNUV8lGUetDgTZPjvU8QyEGpeZ6uiGUZkVT%2BTpLBvUfDfX5GMoIgIvHkbldD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258babb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_faq.png
www.unknowncheats.me/forum/ambience/misc/ 222 B
792 B 31ms
28ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_faq.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15c4d4645646d56934e639cd1e1750ac098b435fbc3b7839173e8c5d5aee62b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2312
cf-polished: origFmt=png, origSize=281
content-disposition: inline; filename="ambience_nav_faq.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "119-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8P7K5svgDXdS8KxUpMLC0JVB5xeppUnjhHTvVPKCurBF8XfcJGvJ57okHWORgi6Nk07BNzKYU0BzOPM%2FOsAvlAnhxRZewNwnnTLqph3Y8qqyCP%2BMELHEWQ1zRp1VLEYzEfPVhOwuUykb76FiWYgC3li"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258bebb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_discord.png
www.unknowncheats.me/forum/ambience/misc/ 238 B
815 B 24ms
19ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_discord.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 218fdbf4bd6797db4267dff86452c06b5938c8750f3bc26333736d03a63f7899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2441
cf-polished: origFmt=png, origSize=423
content-disposition: inline; filename="ambience_nav_discord.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 238
last-modified: Sat, 13 May 2017 10:11:43 GMT
server: cloudflare
etag: "1a7-54f650c7775c0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YREJfUza7cCHzXnUBnPQcSOLhj%2F1KsyuL7gTmSa7ERogAjvJZlcUKwkm39BZkwbbTSiJxbFE7%2BLj4ElpQDrlALsG6c2Nn7Q9Ob%2BIPMj2%2BjqxB6TMz%2BGMCz23M1t74J0iqrWgQxHkAeRhOJuLgWdg8Zke"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258bfbb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_cp.png
www.unknowncheats.me/forum/ambience/misc/ 250 B
823 B 25ms
21ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_cp.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22751a98f97cc17346b7ced826f337ca6c7c99112f86316ca26c5f2258b6fda8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6404
cf-polished: origFmt=png, origSize=307
content-disposition: inline; filename="ambience_nav_cp.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 250
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "133-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=197cY%2Bv3T86PeN7%2FA1Q0jYFXVE%2Bh3tW3txPCDMzcZcU6TfhdoU51NfbVmNSugc2%2BCpiUGJMXSPhMTyUKrPe7LDrnbcAcJq5EVXf0%2BjCA2wYHvmFA5L%2BbkWFplH9NpCRPVJQu2IX9WTIcnrjxS5IbkcZB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c0bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_reg.png
www.unknowncheats.me/forum/ambience/misc/ 250 B
826 B 32ms
27ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_reg.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44bcbe7df51c5d121237399d1e2c80d6599ca37bc0ca62bdf263418bbccebcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1076
cf-polished: origFmt=png, origSize=307
content-disposition: inline; filename="ambience_nav_reg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 250
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "133-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpTvtvLL3EPRpiUFr120S58gGz8w8r3K8Kb4Iad8cUnPHnhIEIfqfZVFF4zhXi%2B9CJphIf%2BSuo%2B5Q%2FkCihwpiM4xpm%2FmS07oC5FPP94HsJJB30qcHb4UXTznW%2BNfg6xFAbqfTz5a51WAYPv7AZ5%2BDOo%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c1bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 navbits_start.gif
www.unknowncheats.me/forum/ambience/misc/ 174 B
700 B 36ms
32ms Image
image/gif 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/navbits_start.gif
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d337d49eb4b17b33203922587439006159115bfc95708424fc18175a6cb2ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6404
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174
last-modified: Tue, 19 Nov 2013 17:54:48 GMT
server: cloudflare
etag: "ae-4eb8b5c474a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3kZB5CiRyi8wrGOKx1sOCE1CGKqYFPthp9ehFRqj1zCqdWS6cDBhgOGsvzrfl7lxaC4kogIrQikXncNYxzMPUiheFGnt3k480ZlhqgkJ8tmGXI%2Bk8GVeKDm5DXtPA5edJXd1qbFGVci60EhcJ%2Foi3nF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c2bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 navbits_finallink.gif
www.unknowncheats.me/forum/ambience/misc/ 204 B
778 B 22ms
18ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/navbits_finallink.gif
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fef68fef77694597945cb94ee1809714617af5341e0759626547a4385807f9b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2441
cf-polished: origFmt=gif, origSize=257
content-disposition: inline; filename="navbits_finallink.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 204
last-modified: Tue, 19 Nov 2013 17:54:47 GMT
server: cloudflare
etag: "101-4eb8b5c3807c0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1S%2BCHNLSbhCLV8%2FX%2B8vzmuNoNtADTNBPFGkPW0945mNvOr2cVqmuSx3DafFkCnSvDhiMc0DwyI2d8FdslCq4OGkjQ4oaEYVlVyvOIyT4CsaWjFPG7UyUp36DQu5M8Q%2BAx97V7lXITHWUqD85GcLPUcUs"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c3bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 warzone-hack-cod.gif
www.unknowncheats.me/forum/images/ez/ 52 KB
52 KB 55ms
51ms Image
image/gif 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/images/ez/warzone-hack-cod.gif
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125f6de14c750fb35215c4ca49651563bad0b395af17a15a7da0ed532db24c7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2312
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53031
last-modified: Fri, 23 Apr 2021 21:28:54 GMT
server: cloudflare
etag: "cf27-5c0aa7b9b7bbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0Lj6cftHUD3iUPlWIEdH37NO%2BfZklKNL4axGOac0EKWuC1DtQYbjiyA%2BULpfuvRjhymkatKjGt5GTT1jkhJOO6hxVV9K14c4IAMSzK0OebPYZ05xfXIi6RDAqD1fQw%2Blv2VCcZEFZ6Agud3Cmdrq0p8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c4bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 banner.gif
www.unknowncheats.me/forum/images/ez/proxy-seller/ 399 KB
399 KB 25ms
21ms Image
image/gif 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/images/ez/proxy-seller/banner.gif
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a7c50c9e79b96b7dada2619f651493cbbbd3f2a4a7f67f1e07dbfccab64b9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1075
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 408210
last-modified: Wed, 11 May 2022 12:13:40 GMT
server: cloudflare
etag: "63a92-5debb5f26b947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8vZuUlzIj3z7JLsTfP0IRIxrCknLRAFdTwRzouO3eJPyGxP8VJaqoDUVkVtcb46inrFWKAHhTByH%2Br63oKv5TqjMvxcqoyW588aW3G7ZI8DyvVc4W7v8Da%2Bn10m0biNZJa%2FfAyc83dBMEBKgYcnb1D0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c6bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 vbulletin_md5.js Show response
www.unknowncheats.me/forum/clientscript/ 5 KB
2 KB 29ms
28ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_md5.js
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e4ed9f4271f22c3bb4405155731f16c131e71d4c752060017496c0bbd2d5c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 11 Aug 2013 18:13:19 GMT
server: cloudflare
age: 1076
etag: W/"1558-4e3aff65e4dc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq5pJS43GZsdSw7uVpyxL%2FIqdd0lpPfmITCg27CT3k4Ct1PmA6Ku8y71nGrfWkr1%2F4eK759Z78JVEK87Y8sowJkNuoXoF3IKCeCnc7juEqBhOKLeEheNe4Vlr3nM39H8JtDmFG1az7VaCSeNgIIMyQIt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7485bde12f29bb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 download_file_disabled.gif
www.unknowncheats.me/forum/ambience/buttons/ 3 KB
4 KB 509ms
505ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/buttons/download_file_disabled.gif
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ff696ac63133a691e51ad6088b48b5cea9f7d47e770e89e05e8c2a4b2011f40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=gif, origSize=4059
content-disposition: inline; filename="download_file_disabled.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3150
last-modified: Mon, 01 May 2017 20:10:02 GMT
server: cloudflare
etag: "fdb-54e7c021e3a80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keFnqjMnpa8Z%2FjieMxVDRKGV8vDoC8fv%2BRLL5xDC%2FWcaM5BHFuu%2B1cOwm7ooyFDf5uvpQ%2Foo0OhhxRgkUdR5hrQo9hjbpWEfNelfPgBFtGvfRv3gGLp%2FoV3xGEaVEHncdg%2BL9nLa26z%2B7lq6D5VOABGX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c7bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 email-decode.min.js Show response
www.unknowncheats.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
10ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unknowncheats.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 17:30:56 GMT
server: cloudflare
etag: W/"631783d0-4d7"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQvHDQTluhpAIBqo38m5w2tAnYY%2BTm8yHZjqWw2b71p8satnA%2BL4QyPNUK%2FKrWVUcGCs6N92FBnRKXj4v6urALIvRsqw9Mgc3XzTrSG14v%2BYVhEitL0Tc25l6hT5vOJDOuEZxxMpQJorkwAFzO9f5X%2B6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7485bde16f5ebb79-FRA
vary: Accept-Encoding
expires: Mon, 12 Sep 2022 05:25:12 GMT

GET
H3 200 close.gif
www.unknowncheats.me/forum/ambience/misc/ 428 B
957 B 23ms
20ms Image
image/gif 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/close.gif
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2fcedb8e9559c36759ed08297739454ae14353379d363384ef9b70be101b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4845
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 428
last-modified: Tue, 19 Nov 2013 17:54:43 GMT
server: cloudflare
etag: "1ac-4eb8b5bfafec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INdsx5F6MUxS231ybppuDKT0ZGbjzOmvLDkfml%2F1nRmlH37SzdMfOueqye6HB2uKFLfLg8hmrItfvgPAbOUQByR81%2B3NFvViZthf0cs19Dar51DylQotW6wnYYY9PZiFgZmh8dxJCYiKCcQ%2BTcoY%2FpM0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c8bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 prettify.css
www.unknowncheats.me/forum/clientscript/prettify/ 1 KB
926 B 29ms
29ms Stylesheet
text/css 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/prettify/prettify.css
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/clientscript/prettify/run_prettify.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeaf7add3eac1012ec3ee5fc79379c7feb1ec7f20a86322c5393a434670a531a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2312
cf-polished: origSize=1221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 25 Sep 2016 03:00:59 GMT
server: cloudflare
etag: W/"4c5-53d4c388b10c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RckGNzf6MKmYZlzc78hHsCovKcxhJEvxgLVzpZjCAOmMkaR3Ewr7ejoWQk02D%2By5BBCXQyyJE1KfDwE4qdwKq9WwyvaPH5NijMxbhi29yom%2BZx5AUPAM%2B6XP75sITftsx1s7nYtBXWtkWXcc35CDpvfg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 7485bde13f30bb79-FRA
cf-bgj: minify

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 36ms
18ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WW5GLB1G9F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9795118-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7494c2d9f986202f2787a1d59e2efe56a0215048ee7f1e362196f1caff435b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74812
x-xss-protection: 0
expires: Sat, 10 Sep 2022 05:25:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9795118-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1392
date: Sat, 10 Sep 2022 05:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 10 Sep 2022 07:02:00 GMT

GET
H3 200 advally-4.28.0.js Show response
cdn.adligature.com/rules.js/ 111 KB
31 KB 31ms
16ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/rules.js/advally-4.28.0.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/ucheats/prod/rules.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87aaed4f3916cf62500d91addfbee22555632283e0202262fcada2474d32bf1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=D9BinA==, md5=dAQHgZ4BGAtkuh8ytVwoqQ==
date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570
cf-polished: origSize=183055
x-guploader-uploadid: ADPycdueaVQEZOeaX77PIekhsMaaH6iupstFS5PykNTxYP41VhmK7QH4rUyLAv2bVabPGrNccQ1zoevVZUPaMtJsUGgXEQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 18 Jul 2022 19:47:35 GMT
server: cloudflare
etag: W/"740407819e01180b64ba1f32b55c28a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZc9ywJMWRhgnqedxs%2BoLt8w5njhz8tWPiEhaC5XQGtir59yYjTtvv9EY4LS9SGtjf9xJm4cFW%2BXha4pqbLOu23Ia4yHg4hpr2pNXjEM%2BSuoamsLQg8mHkXR62b2mcD8CHadRCmqh1fM9Ta2G%2Ftz2X0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1658173655659676
content-type: application/javascript
expires: Sat, 10 Sep 2022 06:25:36 GMT
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
x-goog-stored-content-length: 183055
cf-ray: 7485bde278209119-FRA
cf-bgj: minify

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 02:56:15 GMT
x-content-type-options: nosniff
age: 8937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Sep 2023 02:56:15 GMT

GET
H3 200 vbulletin_editor.css
www.unknowncheats.me/forum/clientscript/ 1 KB
950 B 22ms
22ms Stylesheet
text/css 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_editor.css?v=387
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2989ffa1d43e198942b6b750b81c31a6fb185d87c743c293a607297c68e976e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4618
cf-polished: origSize=3232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 11 Aug 2013 18:13:18 GMT
server: cloudflare
etag: W/"ca0-4e3aff64f0b80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogYoAs1aIyKEzkbhZUAsEN5nUWyjIoXSTWE4XCbCWmjxeBQ99QI9Q2mnV5EdV4%2Fcm7ktrLF4q9ueG7OTBTLtxthi7gO4%2Fc3PBQp6oQCP4xpwYJhZDENZggWIWEpl%2BsedusJOgjy%2F1TcwL9hDTx23E1jb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 7485bde2288bbb79-FRA
cf-bgj: minify

GET
H3 200 back2.png
www.unknowncheats.me/forum/ambience/misc/ 2 KB
3 KB 20ms
17ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/back2.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-71813e7a-00033.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57b53e5480adae13adc097a86f283b9bd76e8cee1ae5fcac898453018559ac65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-71813e7a-00033.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2440
cf-polished: origFmt=png, origSize=3356
content-disposition: inline; filename="back2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2460
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "d1c-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z94WdPU98r61wsEEvSjj6XU69mqRhBhuyASjhlCXgS6bN6onlACgPliN3BDfp8D%2FrhrrkTc8DKlvYwnKT1xaYpHc05TtiIWZoB6XyzmjiPJj%2FHjckenoyI9vv4I4LBvSDktsfIqI%2BU1UOPgC4zPaeHJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258c9bb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ambience_nav_x.png
www.unknowncheats.me/forum/ambience/misc/ 122 B
697 B 22ms
19ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/ambience_nav_x.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d5f9f6239da37de095976ec70063415783c0cd27b80123c29d77f3811a39733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5752
cf-polished: origFmt=png, origSize=203
content-disposition: inline; filename="ambience_nav_x.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 122
last-modified: Mon, 14 Dec 2015 19:02:21 GMT
server: cloudflare
etag: "cb-526e0500b4940"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbPUzWw4esx%2BEAWw%2BFcDNJ6%2FmY5o1e8rs0uWxR%2FcocIZ9pPkxOjVF5SCAR89oEEVZEQDALKU1ctFIPn40US7w4gmPdrk%2FlSMxHY8BLgA6WVGDFNOellI4wpz99Z%2B0fyALFpQws%2B5V%2Fd6UbzyVuQEE7Wv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde258cabb79-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 strip_back.png
www.unknowncheats.me/forum/ambience/misc/ 426 B
993 B 43ms
41ms Image
image/webp 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.unknowncheats.me/forum/ambience/misc/strip_back.png
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-71813e7a-00033.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8185b3d295a4f2f10b24390f8b03bb594fcd55e3fd28155d26be26e0067f641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/forum/clientscript/vbulletin_css/style-71813e7a-00033.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6409
cf-polished: origFmt=png, origSize=649
content-disposition: inline; filename="strip_back.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 426
last-modified: Mon, 14 Dec 2015 19:02:22 GMT
server: cloudflare
etag: "289-526e0501a8b80"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6kcN9l9RTZO4klCnQPFN4FCutKxSPK56xlCHsYBr4SBi1frbJLvf4ONxXRB4K66CEQHH1XuLroLWLEHRScrF9zWU7kZvCo4PgFpzLabUMIKJxkRjYSoY1Z73lgf0h%2BtM2jVomqYKSMvUIqOx%2Fw3zJkc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 7485bde278f6bb79-FRA
cf-bgj: imgq:85,h2pri

HEAD
H3 200 /
cdn.adligature.com/ 0
0 37ms
18ms Fetch
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=1qb8Eg==, md5=02+PlCXEqAAK2cSpcYWspQ==
date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3448
x-guploader-uploadid: ADPycdv9hOPFJp3c_VRZVxPGj_8c6eYZ6j7xxUnT5Fs1cyRN9A12UVtl9unVrbLyn-d51zguGVQldEfkIltLwzlJhA8bBV0r5_lE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 16 Jan 2018 21:42:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrIwXIohTiWUfaXlH2YmntOie5qBMQKfpz%2BYHATDShYwWoblmEZjoz4Juy0U9jEipM%2FGkWgMGNKGgK3ULjevdbBerLe8KKW3ZSrGC4e65MuQa6d2rsusStJXET4QCbNA7R2t2n%2Bqi%2Fg%2Fr%2Bv05KPKU78%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1516138953284078
content-type: text/html
cache-control: public, max-age=3600
x-goog-stored-content-length: 3
cf-ray: 7485bde2cdbb9159-FRA
expires: Sat, 10 Sep 2022 05:27:44 GMT

GET
H3 200 invisible.js Show response
www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0413 37 KB
14 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662782400
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8171a9ba93396b21620ab0b268e56035cef7dc572a3d77300de3b539104dc24d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSlrQk375ovI4dFVo6nXca8gI%2F7%2Ff60GQnX6Ng9IoVMOe4XNHnoHdAAiHD4aWEo77eTQzP67Qry%2BNKg6yfnM92G1Y9ysqkNmI5tHD47uyPNQPmEya2BFBA3dNPc9qliZOBlgkr3RaZNCRWaPfUmH4lUG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7485bde2a91cbb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 53 B
208 B 43ms
9ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.28.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 3a4188c3c29f92b11b547ebf10d80c8ed9a3db7be8e2fd2835d9377c2c5f9fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 10 Sep 2022 05:25:12 GMT
Content-Length: 53
Content-Type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 56ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.28.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28684
x-xss-protection: 0
server: sffe
etag: "1329 / 274 of 1000 / last-modified: 1662761167"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 10 Sep 2022 05:25:12 GMT

GET
H3 200 prebid-6.29.1.js Show response
cdn.adligature.com/prebid/ 522 KB
149 KB 153ms
152ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adligature.com/prebid/prebid-6.29.1.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.28.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c436c070b4846bddc3edcd9b1a64b2847af21d3725bf4e9e297c978db85259b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-goog-hash: crc32c=n4q/cA==, md5=u/DhgSX9yJ8E7fdLLNkg7Q==
date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=534394
x-guploader-uploadid: ADPycdvg3okQplkZuBt9LMvl1vyMrm6HI2hx5cg3Tg7fr-bBfHYvQdqSaTMXbZ-BcOzZJQmeKObblCKj5AaBDdrNCUma7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 30 Jun 2022 20:59:21 GMT
server: cloudflare
etag: W/"bbf0e18125fdc89f04edf74b2cd920ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frmwtr%2BCCO0inqCFZxvLuHH3mLIWPcWosCG5vIlJ2j1s6OcNq%2FYntCeiOd2XMEf%2Bdf74SAzJ0FMEZZ1xgOicWm076fcvJFDJyCX13Jdyjwv%2BdI7hL%2BIqCud9FYcu29oZYmzGhCyMGuAPMME3VMkRXO4%3D"}],"group":"cf-nel","max_age":604800}
content-language: en
x-goog-generation: 1656622761936025
content-type: application/javascript
expires: Sat, 10 Sep 2022 05:35:12 GMT
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
x-goog-stored-content-length: 534394
cf-ray: 7485bde2c86e9119-FRA
cf-bgj: minify

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 166 KB
43 KB 41ms
9ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.28.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 10 Sep 2022 05:11:35 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 818
etag: W/"d9d3c87337955401df6a2e4474e61700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P6
content-encoding: gzip
x-amz-cf-id: hf7zY8FddqCr3E5oINLALLmfwUJ8c4zn9IxPO5bOwVdvQFvzwq9Hog==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1527073726&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D38109&ul=en-us&de=windows-1252&dt=UnKnoWnCheaTs%20-%20Multiplayer%20Game%20Hacking%20and%20Cheats%20-%20v%200.228&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAAC~&jid=1454802925&gjid=587562845&cid=1902994991.1662787513&tid=UA-9795118-5&_gid=1968797278.1662787513&_r=1&gtm=2ou970&cd1=Visitor&z=475706590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unknowncheats.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
351 B 42ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WW5GLB1G9F&gtm=2oe970&_p=1527073726&cid=1902994991.1662787513&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662787512&sct=1&seg=0&dl=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D38109&dt=UnKnoWnCheaTs%20-%20Multiplayer%20Game%20Hacking%20and%20Cheats%20-%20v%200.228&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WW5GLB1G9F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0413 22 KB
8 KB 14ms
13ms Other
application/javascript 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 255c05faea25c9b0aae0bf6039ee72987159009d2c2fec984ee4c9f9a0964943

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BEL2mRavGqhb2i3w7DBy1ZET1HuA3ZZ0cRpC19kEn6Vk6VjshUXabtT69QUP9bMoHsY6xPWG6eIhxlLVBXSr5lQrXkM2zjZoyA%2BIE3jrhh3lZHP13cRrytxaAwf5cAcBEI6WHcLcBASW0Ma7YWKBzys"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7485bde339a8bb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
8ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 14524
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Sat, 10 Sep 2022 01:23:13 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: GLFQu-TYgd-r9RFt7NkdHpG69a2zDg5yfGGCGblNOdRexhMz6EnBWw==

GET
H3 200 pubads_impl_2022090601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133157
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 08:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 10 Sep 2023 05:07:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 102 B
117 B 59ms
42ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.unknowncheats.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f53cd5bc59f5238abacda44b318fc949159b0988351d407c0b3f286966e7731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Sat, 10 Sep 2022 05:25:12 GMT

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 47ms
25ms Script
text/javascript 2606:4700::6810:a10d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/ucheats/prod/rules.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 330162
cf-ray: 7485bde3cfdbbb50-FRA
content-length: 28567
x-amz-id-2: 1pZywajAnxsSQUK746pJRhEJafXfBBJ4VeXOH27iBNEvn94Kr1gDs2cjd4pMG4L7jIZUWgDUpUk=
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: cloudflare
etag: "072eaf64a771815874455704fca9301b"
vary: Accept-Encoding
x-amz-request-id: GNV6HTHBK6Y749FH
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 17 Sep 2022 05:25:12 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 386 B
747 B 9ms
7ms XHR
application/json 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.unknowncheats.me&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: fa9999fc7002f0cbf3c17e4f493982047db8918c5bfd1a7169eeb7e3b4a455d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 01:28:55 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
age: 14176
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.unknowncheats.me
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
content-length: 386
x-amz-cf-id: FHMe9xO2MMOS6KKCtWAnEVQacheI6V1SCnDo5x1D9WWuBwauz_a3Lw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1527073726&t=pageview&_s=1&dl=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D38109&ul=en-us&de=windows-1252&dt=UnKnoWnCheaTs%20-%20Multiplayer%20Game%20Hacking%20and%20Cheats%20-%20v%200.228&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=758143834&gjid=262065775&cid=1902994991.1662787513&tid=UA-105997136-2&_gid=1968797278.1662787513&_r=1&_slc=1&z=1814162776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unknowncheats.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 35ms
14ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 10 Sep 2022 05:25:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 2209
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7485bde3eff2bb50-FRA
x-amz-request-id: QDJ9R5CVV2749CKB
x-amz-id-2: uVNmhB5CKjvW2kk6nRvAAf2zFKzUZJGA7DDEuDmwhdWc2UFdhoWIxBcT17B4tBgSKZtq5vmjCwU=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 76ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105997136-2&cid=1902994991.1662787513&jid=758143834&gjid=262065775&_gid=1968797278.1662787513&_u=6GDAAUABAAAAAC~&z=1446805224

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.unknowncheats.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 10 Sep 2022 05:25:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/advally/ 48 KB
20 KB 45ms
10ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/op.js
Requested by: Host: cdn.adligature.com
URL: https://cdn.adligature.com/rules.js/advally-4.28.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0033715ccc8dd908987ecda5a544489f0704396de686e26be88ddfdaa2a9294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: PJgotESD9KzA9x_eBygVi.OI9bFl0UWQ
content-encoding: gzip
etag: "b050533cbb5232d32ea585b3e0454762"
age: 3145
x-cache: Hit from cloudfront
content-length: 19586
x-amz-meta-git_commit: 92ee7c4
last-modified: Fri, 09 Sep 2022 20:32:13 GMT
server: AmazonS3
date: Sat, 10 Sep 2022 04:33:24 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: fIGvu3PMZ5vfJysLRedV8wlYh3I68gld5NsyRQqtOHtXYxRpKpZ6LA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
465 B 50ms
50ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D38109&pid=qWkGra9jgZDIz&cb=0&ws=1600x1200&v=22.8.252032&t=800&slots=%5B%7B%22sd%22%3A%22Top_Leaderboard_1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1093718%2FUNKNOWNCHEATS%2FTop_Leaderboard_1%22%7D%2C%7B%22sd%22%3A%22Skyscraper_Downloads_Page_1%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1093718%2FUNKNOWNCHEATS%2FSkyscraper_Downloads_Page_1%22%7D%2C%7B%22sd%22%3A%22Footer_Downloads_Page_2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1093718%2FUNKNOWNCHEATS%2FFooter_Downloads_Page_2%22%7D%5D&schain=1.0%2C1!advally.com%2CP33S16%2C1%2C%2C%2C&pubid=7e29cf92-dbd2-479a-865a-9cb3658a40f8&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A2000%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: XJE1GV16QQ9KYGY3Q0M3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.unknowncheats.me
access-control-allow-credentials: true
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZY6SeXdVJCac75g921ViIewpv8BkLSD5Dfm0rRVF-UjUcGMdwvElGA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 47ms
19ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.unknowncheats.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 46ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.unknowncheats.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
16 KB 320ms
319ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2367235302713423&correlator=4014356002330377&eid=31069183%2C44769661&output=ldjh&gdfp_req=1&vrg=2022090601&ptt=17&impl=fifs&iu_parts=1093718%2CUNKNOWNCHEATS%2CTop_Leaderboard_1%2CSkyscraper_Downloads_Page_1%2CFooter_Downloads_Page_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=728x90%2C160x600%2C728x90&ifi=1&adks=125477129%2C987977118%2C2042815370&sfv=1-0-38&fsapi=false&eri=1&cust_params=refid%3D2%26amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1662787513003&lmt=1662787513&dlt=1662787512468&idt=430&adxs=867%2C36%2C592&adys=20%2C996%2C764&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D38109&frm=20&vis=1&psz=728x-1%7C300x600%7C728x90&msz=728x-1%7C300x-1%7C728x-1&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1902994991.1662787513&ga_sid=1662787513&ga_hid=1527073726&ga_fc=true&ga_cid=1968797278.1662787513

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2af2ccfb0f7f6add44a04c4f53ced657e2e1ea4c584a2b9d965228730ff7515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16259
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F8AF 6 KB
4 KB 102ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unknowncheats.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:13 GMT
expires: Sun, 10 Sep 2023 05:25:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
334 B 35ms
10ms XHR
application/json 141.95.98.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3216534.ip-141-95-98.eu
Software: /
Resource Hash: 40a72ff7f1dd333f42733db6da235b86f461544b2acc8d948262aed68319fe9a

Request headers

Referer: https://www.unknowncheats.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.unknowncheats.me
date: Sat, 10 Sep 2022 05:25:12 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 b-92ee7c4-6fe72e44.js Show response
tagan.adlightning.com/advally/ 81 KB
31 KB 9ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf582157bbcf94a71f11d871eb8ce1d392d16023bab93914eec2d6c7eadb903c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:59:48 GMT
content-encoding: gzip
age: 1272326
x-cache: Hit from cloudfront
content-length: 31137
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 15 Mar 2022 17:44:44 GMT
server: AmazonS3
etag: "0893649fa4cd9616465e62cb671a6312"
x-amz-version-id: 4ZXL5hWYND73uSYAH1aq0DnMghvKpLjC
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: x_bti1IUAl-vNIGwjMc_q21sA-3yEDraLH6JN3v1e_qs5yQFw8n19w==

GET
H2 200 bl-6399065-e1b59107.js Show response
tagan.adlightning.com/advally/ 44 KB
19 KB 11ms
11ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/bl-6399065-e1b59107.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d502b243768081a6be115640575cf13d65d403c40ccb83a6b576bd3411d7311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 20:32:22 GMT
content-encoding: gzip
age: 31971
x-cache: Hit from cloudfront
content-length: 18983
x-amz-meta-git_commit: 6399065
last-modified: Fri, 09 Sep 2022 20:31:54 GMT
server: AmazonS3
etag: "26a99528831c03d3ab43badbba2f1cb6"
x-amz-version-id: j9GF8vyttKDi5sBXQYQZapP_i0oVab97
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: KKODKBfNDWelOtVgZXiqHMvGYB77A8ktyiqTFSH-jB7btFCUOfY_Ug==

POST
H3 200 7485bddd3b0bbba3 Show response
www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0413 2 B
661 B 31ms
31ms XHR
text/plain 2606:4700:20::681a:dfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/cv/result/7485bddd3b0bbba3
Requested by: Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1662782400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHaNEGrORaoNlB9hGD9QXMJXtl%2BwvPGgUC86vPmPF%2F6p9zmcL4Gc28udhrVbkRiC4Z1ZCRxSBtWkwlDI5EQeZ3bVtP7%2Fl7vSrM8Ao7JYVq1kGlBwl%2FtlQFjXIu0wBoTwRM141zsMg29YThKmt1TCMDdq"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7485bde61cf3bb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200 1102.json Show response
id5-sync.com/g/v2/ 216 B
630 B 32ms
9ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1102.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

a790865503f382061ada25a1455e527a41ee12e12c227e9f328cd750db5f8366

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.unknowncheats.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.unknowncheats.me
date: Sat, 10 Sep 2022 05:25:12 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 79ms
56ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022090601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022090601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fad40d5a22112d71b39845206a3c24384a5fd2aba357ef8d7e9b107419b23609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11026
x-xss-protection: 0

GET
H3 200 container.html Show response
c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F920 6 KB
3 KB 25ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unknowncheats.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:13 GMT
expires: Sun, 10 Sep 2023 05:25:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0CE9 6 KB
3 KB 9ms
9ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unknowncheats.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:13 GMT
expires: Sun, 10 Sep 2023 05:25:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F80D 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unknowncheats.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:13 GMT
expires: Sun, 10 Sep 2023 05:25:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 05:25:13 GMT

GET
H2 200 bl-6399065-e1b59107.js Show response
tagan.adlightning.com/advally/ Frame F920 44 KB
19 KB 9ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/bl-6399065-e1b59107.js
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d502b243768081a6be115640575cf13d65d403c40ccb83a6b576bd3411d7311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 20:32:22 GMT
content-encoding: gzip
age: 31971
x-cache: Hit from cloudfront
content-length: 18983
x-amz-meta-git_commit: 6399065
last-modified: Fri, 09 Sep 2022 20:31:54 GMT
server: AmazonS3
etag: "26a99528831c03d3ab43badbba2f1cb6"
x-amz-version-id: j9GF8vyttKDi5sBXQYQZapP_i0oVab97
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 0tpuGFTxS-wGU-vUtg76YN72HjUwoWTy2NGKdoNIgkuP8C0FA2OkTQ==

GET
H2 200 b-92ee7c4-6fe72e44.js Show response
tagan.adlightning.com/advally/ Frame F920 81 KB
31 KB 9ms
9ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf582157bbcf94a71f11d871eb8ce1d392d16023bab93914eec2d6c7eadb903c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:59:48 GMT
content-encoding: gzip
age: 1272326
x-cache: Hit from cloudfront
content-length: 31137
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 15 Mar 2022 17:44:44 GMT
server: AmazonS3
etag: "0893649fa4cd9616465e62cb671a6312"
x-amz-version-id: 4ZXL5hWYND73uSYAH1aq0DnMghvKpLjC
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7Bnofdfla1qxPSnjknB3rRvEjFm-XmJGl-ZHNI31zPWI7bJufc_oGA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F920 42 B
63 B 59ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-An_-b7Z2Y3XxgYwCNIHiby-pu-EYtBqgpsKfTSmDukEx9wkEa4UA9RNFLfaATBHOJyb0JmA3mC6h0rXbrm5WMwG5N_DWRG8rC5u9F2Pt0Z6qtnIMw

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame F920
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/65517242/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008819312&ias_pubId=pub-5271106494767468&ias_chanId=1&ias_placementId=181...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
484 B

28ms
7ms

Image
image/gif

2600:9000:223f:f800:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:f800:8:48e:53c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
age: 6618736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: JmqfWSuHozXFDlMhIZX0O6q1SI0_DItJyM2NSqLoyV9JuKMayK1Y_g==

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:13 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F920 3 KB
1 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1756
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:55:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F920 17 KB
8 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:08:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F920 0
0 39ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU6TtX4SN3rAsjq2XhkcpLo_7r4s6F4XT1mwnZoiy6cpGzj69uucZe3e_ZRO0jQHTTexe-Zh71M0bznXEuEg9lrCWCvg
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F920 141 KB
44 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 05:25:13 GMT

GET
H2 200 bl-6399065-e1b59107.js Show response
tagan.adlightning.com/advally/ Frame 0CE9 44 KB
19 KB 9ms
8ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/bl-6399065-e1b59107.js
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d502b243768081a6be115640575cf13d65d403c40ccb83a6b576bd3411d7311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 20:32:22 GMT
content-encoding: gzip
age: 31971
x-cache: Hit from cloudfront
content-length: 18983
x-amz-meta-git_commit: 6399065
last-modified: Fri, 09 Sep 2022 20:31:54 GMT
server: AmazonS3
etag: "26a99528831c03d3ab43badbba2f1cb6"
x-amz-version-id: j9GF8vyttKDi5sBXQYQZapP_i0oVab97
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 9IO5eHpCCOFFkHwTc8Ej7kbh1OCkL1_kcD_9ZOoKF8r2RySX8_iUYg==

GET
H2 200 b-92ee7c4-6fe72e44.js Show response
tagan.adlightning.com/advally/ Frame 0CE9 81 KB
31 KB 11ms
10ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf582157bbcf94a71f11d871eb8ce1d392d16023bab93914eec2d6c7eadb903c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:59:48 GMT
content-encoding: gzip
age: 1272326
x-cache: Hit from cloudfront
content-length: 31137
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 15 Mar 2022 17:44:44 GMT
server: AmazonS3
etag: "0893649fa4cd9616465e62cb671a6312"
x-amz-version-id: 4ZXL5hWYND73uSYAH1aq0DnMghvKpLjC
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 6Mp2fBcohLEPE3es5gE-6Tf5H4zdqll3sWfTVxn6orW1lEQ9pMaPlg==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CE9 42 B
63 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPVbzKLbpWoD-IsYr_bpwpVO9hqxJbrodQUlaRZSXSKdD4fsFIpg0w2b5GJM876d0TKq80xlZh4ShllwxuHErV9-cdQy1B_s7_othby_6Xmc3WMRQ

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 0CE9 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:55:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame 0CE9 17 KB
7 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:08:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0CE9 0
0 37ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1ACix2ltV9hkxAu-u8pbfrnX164ErgXHvgMYI0AIa4YiZf1JLcstuEbYkscuBVyy6DJQi-jZqEemAtsFeQ8wDRe3Cvw
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CE9 141 KB
44 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 05:25:13 GMT

GET
H2 200 bl-6399065-e1b59107.js Show response
tagan.adlightning.com/advally/ Frame F80D 44 KB
19 KB 11ms
11ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/bl-6399065-e1b59107.js
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d502b243768081a6be115640575cf13d65d403c40ccb83a6b576bd3411d7311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 20:32:22 GMT
content-encoding: gzip
age: 31971
x-cache: Hit from cloudfront
content-length: 18983
x-amz-meta-git_commit: 6399065
last-modified: Fri, 09 Sep 2022 20:31:54 GMT
server: AmazonS3
etag: "26a99528831c03d3ab43badbba2f1cb6"
x-amz-version-id: j9GF8vyttKDi5sBXQYQZapP_i0oVab97
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: vAcnY7g3XLCmBCJ5jlim5v4bLx4hifhjO0H8NZWF8Jn5RATmDQvHSQ==

GET
H2 200 b-92ee7c4-6fe72e44.js Show response
tagan.adlightning.com/advally/ Frame F80D 81 KB
31 KB 12ms
11ms Script
application/javascript 18.66.147.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-50.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf582157bbcf94a71f11d871eb8ce1d392d16023bab93914eec2d6c7eadb903c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:59:48 GMT
content-encoding: gzip
age: 1272326
x-cache: Hit from cloudfront
content-length: 31137
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 15 Mar 2022 17:44:44 GMT
server: AmazonS3
etag: "0893649fa4cd9616465e62cb671a6312"
x-amz-version-id: 4ZXL5hWYND73uSYAH1aq0DnMghvKpLjC
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: BUpUz9ARW33B3gUlAqvvhiNDGo3PrzqbNwOvQvFEo-a2PDwtASoMiA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F80D 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AV5BKizO90wF_ekfXxK_g2FilDPcLu8O0yYScbPv01crO9d0tJuLb_gi57PDfzNFIjTrONL6oMwfsWcLAWUkIuEvdVKIELW0bvfQTJSOilwF-tncg

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame F80D
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/65517242/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008819312&ias_pubId=pub-5271106494767468&ias_chanId=1&ias_placementId=181...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
483 B

14ms
7ms

Image
image/gif

2600:9000:223f:f800:8:48e:53c0:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:f800:8:48e:53c0:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
age: 6618736
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: _vHH8eh4Vx-E_DYDLHyPTO73qpwD-HJAXGRZ2sTqmYEQgivj_8Fd0w==

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F80D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/window_focus_fy2021.js

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:55:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/ Frame F80D 17 KB
7 KB 16ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:08:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7592
x-xss-protection: 0
server: cafe
etag: 7248493764890666469
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:08:16 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F80D 0
0 17ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDkm3bAcXZjwnbVMBQBH6HAhM50lX7M5ePCVC3y-0nq7Ta_UKmUXF2_wCYBzkkPr4CtkL3mmTj0vSPodZ4hJRbggsq3g
Requested by: Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F80D 141 KB
44 KB 53ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 05:25:13 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1D78 624 B
975 B 69ms
47ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNXtVq5ERtbd1UcaulJh9VkFP0htdhQyVGnZ2qC1RRXpkRSHV69-w-JO8vjPYzot6bg35C5D3O7cg29ViLwV-Ji4C4-UEpwefYYL237hJ7s_1XiNKEP9q6slpsrRLEAvcb9pB0U1LXweb5cky9z3PnOAshGMt3Gk0bra_FKk--JxH9-_cGY

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:13 GMT
expires: Sat, 10 Sep 2022 05:25:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F920 82 KB
34 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGZt7G6lmEUtsToF3bP7m7iGxT25f-kHLoO3Mq3jn5iBQ6DTNGKhM1DHHm386q9nPehDl_fVoW1i7CzRUZWybV84v7cXgCSG_ziAXzt2dvuVSH_RlLGq4Cip8CrVmmXOUz-ewseNSOEcUptM98hKT4_l8oDQ&dbm_d=AKAmf-CdrNxC-VqK84xVgUZ86vVPdHdwMIR8hICqptAXBGdYC97Vfs-ydyoUY39bqbNgCvbzu36xcWWNcZsA2rVNXCmeLQXhdY6MKSdlgUGb31wnXBMNvChapEV9i5DmGS1-aUHHq8GyW2SGDMH1tNAhk53cqt15WFLlE07n60kHngeAq226JgBBS6ehuIWHUpUCjdnsA23-_wRGM9JoLOdbu2FgL7_oqehmuWJDxGhni48HYO7JEPUPZYGQRVolo-WpFCNEUDbUWNaCptldHq7yT4XSPiQYhmZoCLBgwiqismBbu41kyPh_-HjKMKYrWVhChj2vZ36bCwjzVtBzLqP2fpYmUUliLKnMmHdKftwivXwmudUDiJxl9zTay-GLO4adaOcZdbrBYE9wc5Ad6XMKC7GcRWhKmZR-eUbH40JWiZuYhrGBGmdeq9krhtkW3wjAGHDxDABODyOPTicnRcBvFXLX4_0Gjf8C5v6nL9I629HFzMsc5bLqcHuGu6ZV4hEsApwOLQWmfGSkUTGLm1frQGI1GmGSh1hKX1tYNfhGITs1bVXEN7tJX2--Enl7EjsDDNCJjMuYnaR56bolDQ0Tc1wNLRTFF5qcj-r1QQZGeBjxkeg5wn5uVVbnmq74WhsXYOnTGqXZlWJpQwYhETOXaOJ8zjhdSpyXjVRaC0LdZZ5c7FLqZco37xkD2WedDKjZ5AVwMxtvuMPOSdgSvpyF28W0RB_W5a1ujfjMhOebDgpxXS-j7UBmdt7hUBXpZw-Atdy_jDHNNlxRbTwHJwB4yca_eOwOVp3S6YzCw8CbpsgkoBpE4wod83fcFLGqlLTTRYtT2O-Ro4hHPtzbqqmXhI0YR9TaN1Usg5DtqgcF1CegzSL3b5WIT3j7Vqumf9FYoyUBHT6VOWKfzi_Y0hXtemf30BHoBp_9rLqqwgvzFcTbME5gtMLs4hGLpHHbYTxcpU5BtX5rhtBX1EApzG1ckjGKRTbkhuhliMbFkrEVwNfGUBkgQZ6ULGa3PtY8ShUyHlcC-LHmRiCWc0GafQUZURth9w62jyg_ptSRa8M4mSsse-zAHSyW0JJuVVN0YjO1MJWVQ_KL3gltycu5R2ehmAIUMoNkUVYHU1UCHbfbRVWcl6zULMKkwBGrSPDCqLdZeqe0RVk6yEFSNT89aY3CAz-G5oLmuWDdYSmy-6VLsmMMGjoldLqmG2sCumsdXcVdU8iNIfZWAYBV7m6PHzTkUpVZyO8EOOrfEdbb0cAH_RrYHwPEqx6VxSIXIGP7hGM2sZdKSN_BkWHYCIfxHM2WzW53521jFq_Bmjkg7B9EenHrEybxRpJO91mGXvfpGS1NT8uRRIGGnWoEYRGqy_mydkKpA9bIe2uNI3r8vqBhq2t-pV11I0OtgTDX20kZCuXlvBa_TbeeLOJPu7qERtZ4W9C-Inc1uQccx86Y7EF6I5pnrjy4g5k9cM_hZOAkJ7mq4-u9p6PYiKFHn_OTLThQ5KH-0T24WomS8VNz2VVQYqBaI1bygAxMFX_tnvghU3AF9Y_qFQehUT8SwNSNoTt1mZIlXijUX_fToIjHPaiz3sr1cdtO7b98F0njJ34uSWsk8XUTPecxhos1l8ELN5hahKI4S2xiFE3L13UmhZ8Uq9n0vDoaSvqGZn0P5vnnV7ZxvOBgVqPOzxZMg1ANIWevBiG7ougSjEYBjJGr95EkRkhaxv2nTEro-QzhV7lPDykBJU_zxtaxa9Cb-gauOmFRdOF5MC2qv_U1z6s_eITWTuIBhX6pHUvF1w0JZddD7lcnXvSjhiNpjj5s9xxu4LhGJOkvXjOM_DSbUVFt-2yKHcIAkD4tyhsIwKKIpbk8FOSvS2P6LzMsTHdGeZIkwfEYzNCxDkjM-Ozc0W9pbE2zupcwNzmvRJpuvFT8LC4C7cmPTMhk_0UML-4DcEY4kBabZhuGsRJyQkUo9U3AY76fA11OI0_tdVeJecYv0D85nTKlgVnawX_wH-KAbpGZGKzPHoNZmSqmULCwY2GEuZ5eOFetaW64fRaNKFsAYPb8ypblFE3y3P4KDl1cEbDJJQEL-8FzwIM_lI62REiKioDDjZ8hx5vRRN256oJqsY-gH3KK_iZxPea8Of5XRoo1t4CTJ6jpVF-rgHd27XGqKf5YVaSfvXq1Ilxt5KW83QgxONstrWrpKNzDZH7ZOrxYTu8QJnMmoEqAzwgcD5b4YT_0kdm1-8VrbMPT-Wj57FGMrbEdVhKLt0EtGFpN3phvuVeT2hwVgYAhFaLKO5KVuFJEiJ-virBLQvgyf09Cta8EsFA8r79gQn0e3UzNqGmv-1sjWTkozBd1zMs7ZoKZhSBlfL9vHZlnuhEURy0kTp193zQeJS2N3WEf3TdkxnvbJq6OOtOMO8zAaIjnCJR1KOIWZLic8U_9rvZoFtWiFZBiwOGky69sd-3g272d4QM5a1pWRnNlpYU9SXPbqMZh-2Eq3pN4Pn8Yxvs1B-qvpeZO4PjOvHg5PQX6Z_BWmI5_XCxDRVHG7VUO-HhjmpvRuDEHrsRRAVAcXwsdoF36yqR9WGdpaHi6U1MpcVD82RCrCUyOrFr9CbCzwDC4D8tg5H_FlE3xp0LKjlsEUZakX7ta0vvTgNRSzBGEvDxyan5UUk9YHlBJO26eZ9Vk-jTu_ehNzgqb8xWmqe0VBuqq0Xbym0QNxYSAanTU_hrOnVddI4GByVIfl-tgmsBOBMNf0uetMCDIR7IePMkUCS2uo_btpl2Lw5fc5yFVLrRcR9bRGhUB-KoZG1f-70SKgvnd-pI4v97CtMW2VLlfFhYrTWlPgi8d6KHvGOnHTZH-lrmjfKkBWxClTeb3XsYdWvvo6gRVnLFg8fswCk7jM8jM-e_N5zVxtYCJtFoEzIvzsAzY1wOPZIHj3C_YABfqxhHjfPzz6wl3lvWS-fINsJRLLoEjO_yaYMRG3YtZ5xEuanbuRZZQLT8wWWb92CQ55W9nNV4rJ8Dzm5jwc86hXP13S790Qa-kdpBX1dIXLKO4uK2yk-_gZHoPOiEaLqdgYId-S1zm_sGoCsgNxi_ZtjN__5juc0A-u7H2jrZZVa4M4acbsY-_qJ_vrkqSDwvq82p7lhS8yY_cvHUolxG6m-k9RpWYm_e4QqKsBcp_aiAiib5sPrTYwuFc_uRseTdHX1sGc9QhnRaC7QQODFWRZxk0QnKLA5NjtbiDLmg4GDFGwrpVvYwjLTuFFaXTx2I4pU_CvwrJMWzd8Ny2_wcukKonHhRNH-v6Jb8G670IPdOFQCXsYZxBkv5NgvdXN885r-706_xXRrHrsNx-H8LDvCUnbWJUk5GcA7Q-ZuaPgod-x8dvDMGp46OTwafVl8eDdqA-KbEmXCKx8TyCzIme6DGFjl4LSDeKhUZXp0ZYp9D4od4AVD_rJNtUg8B6aAA8raVLRwQ7ia2PHBx4HtovZq1sg0t87kirt4c-ieKQ&cid=CAASKORoYxAfSDNk7Ec1vCfOtQpTmKZ0NCLmQk1Yr5bs7o_d-DeeGtninVQ&rfl=1%2Chttps%253A%252F%252Fwww.unknowncheats.me%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe879a8c447cec343ca5bb31772ba802bab0da4b82e0f00434bbc47b0f775ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34514
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BC73 624 B
297 B 64ms
44ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNXBqTNEwgY_Quxg2EcLGxk0Hs5sASPsHxb31qoxAfjhHsKoCIDjD6M1pZ8J7Qd60a1hm7mjLW9IzmpOM2f8-eKuHGYcOjFto2Thq2SqhZ8fKRP7faSgRQ27ONV82zWD07b3SL_escIZ2k55trL-OLU6fvXzhefgGzolsBQBWPzSwfiHVIk

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0CE9 85 KB
35 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CG20YUJ_e6SCdPugr8YnsVwVuQs4yHE63qSyaeBkJjAHTLE6yrE0XYY7rOyDSheKOfO47XgzWD0dZjka0HaMKcYPcVQ8ze34L4-8LaHHAHJOgzBR4mWIYCe99tNwLhAszmMdi-gSbAha7xD0MSKJrK7oONUg&dbm_d=AKAmf-AL9NvPHQcO6wEy6IXWOBkRh2emkCD-L-LParjMMgIIs7jTOHWLg56XSqkLEaveaMOiZpPHO6ONlqvmB295Cgtb3ohRB5K_z1oHeHnKWZWoC6yI5HnHk2uug0z_mjeC-xM_mlvncoYlIOuV3sY-lMcIPcE9yRpGCsEXl7rNgmprqM-TPcG7R6MmozsTHVEikSONumczqvYLVVqjcxj_mHVxeJ03Zx9O1BgMyk-42X8H83Vh3nQvoplBJp5n0lbhBiEnLHP-GST4AhUzGvdAKDGGf7RL4zUvDB41xo6oRSyTH5xge-q9Kd9fzmESq-qbXZOQsQl60LkE7lDLKgWJ0j7vcZNZCe7v_m4cC8yrWIE8ZjFHW7mC9f2NGwCH1dxKV4w-TvK9jTobjBumt_sKjnXzi0QUp9ERHbc2c9QwSI_Rl8nzuNUDfL6lJWfP7jxL4347BmlZ9AiEkXoJ9wFXSL2d7_Bnx0nKYHPfXXZ-lsuYuJE-RBPflgQzULjFd8LNixuwfVtTcoOka5Qa5kyyL_tucdTMMK0TYYgSMnOZJies3bu5s7R57KJcXWy5BkwPNEfv8kDG-gXRQN-gzPpJLc-yMBLPgc2AHFbQ7ybIgNP_UtNidb2qP7PZrYS6NPMGtoTWaP0h11B6HT34vYPJMKTBGF4G5CqOUITR1MljxwfnbpDH_zg6DeX8JIHXW-C90qN_1e5lneRgHhjV1gKxmLGYjPxfoo91RGivPMg--jeHQLDYGjMICEjJaGZ9tNFmf92pxYDooMiXVp2suN57WIpcMsaMfp1AS1LUPXUZaQNxUAqoZbLKxAsqK84OcbHygUw7UXYci_ODPuwmsF6aAkiC94rZdo1rTnQcaF7JbA-1PpeOnrUIvTogSpa6miw5aYHL1Vlql5KQeRHdsAdzzGG-Q-lxUmraOBf9UL7U1KvY6lTor4hofR3XVhJ7LCOilKGF-CxeICFCiiH_rMYlo5PT_BGcwQOnGySTKJSE3WEWASRTzzC5Yrp56CyEZovKF2GyHmrOEPAIR__7GabR_JdoQ2l9UU3COdEEprpthpIByRMvLkkVcn1r86IL_qmC5GmFauuK3PdtGVAQFUl7Psbzn51DUJXVZSUcZ0XHTMAI-JRXXTTRyX2owm-GKPfoIdVYdUy_63BzxLdu5XQVeG-gALIaHn-hCuxa7lWZp1kazbmnN1iHg6IJDNV_vxN-Tkj_1Tb4bvv4hVux_8Bd1Va5jgcIOezzSJ2QdSczRo_TSf9rIVYCsjaEwqBq0STN1vsyzjSJHBlyOWhFBiwQAeCddoCjQZ-t3-Duccz1IUyY_jbaumJLNd_1MAqYNM7-AzlVqjwTzlXckfUXhUPnq9Rd2Jul-FOsNal0Xr1n94ra3VdklEiWlRC3ZHVs7_NwNslYuPw5wyzef5Iw9iIf621sI_RsKigVP-TX6ts13CtvNr1wGWu_ATEzITV7IT1QaEzZxV0S6_811Q3AK-jPW8RfeVUsqMsuXD-LC7CGjNmkAGj-loC_i_Pa1KScsWuaRu72l7FUFF3mdAvGEuNka73P19IN19ugKSdQOTOAA7OCFrelstKQ7kZAu7zEEBSL1wh1hZYYbGQiaTbeCCOgkg4w5JejlMvuAePwXSyE_jtOh-PITC_MINtUcr4fRxdTBEG00utTwOuOFSJScLfUqwvVTCyB5k0c0HRAg4zvXYLCX2WsHe0E8HRHW0JpUU9Ta5w-fj_zCU59nW467mnt9kOhPj_wSx8hsnk_UNo8_Xaj--KXLdlWolfG4M4IFuM-V4gf_9IaKeI50jQT8UNwpERs-3ctu30tRX45LhEUWu_o7vDSPq8gSDAWYwEzQl7PKbSWGSwsCadZOIHdeJCOITBYJnb-mk8q4BH8DnPwiNyqgBm1Rbk6xW_a1I9kzQYikBdbXHfCsNkDVdtv1FT-zYAxW9oqQQS0jrt4TjWwtzpGPCo_1tvMO1hEyj9SDBOjBRvuQDsSPemWEit-M-orD3OK6AIcjbge6U0LVcfVfcx9s4MN2E0QgBfIgiyYIZvHTyxzG2rRh9UzZJDtiTQGhcTbOAFfyjNSU7G61LcR0v8THHnnnDZxeSOoSAmSLq7ELkCL4oYA13j3YY4AsHVnYMHgPV7svy16XSXcukFY7I93k0gKox2-1pAotH_A_0U1vRB2EqEErmLMw1BAnNYH_Pj6I2-LWA5qd9XbCqxdFRhEfgu4xYM9O2rVzx531nAE14jMfyqTmttMaDLkgT8OrAmCVCaUbYrRGapxiHyIWX_zw9MmUmVVTyVcn1NoqHxrTpqdjsfNbfpP9jjdOOLBG-fuI-Me-GHP45FrdwRhs_U-PF09_uyHwdyIUYpoE2nmEAMl7JPGsE28qtwAUZgjWHqexjhEgKEyDKihtMfOqvwo5t58L-zLQdnzm_bc_OAg9puk8418gV5te_5je6r52eLSfiwcSqjI9qRNl19lkSZttc5V78_4vc5fegopPdI57YFL2EnjyypfSAhbuD9Nu06rXgRVcNV9XKsNMm9snTvBv1dYnRQ1DxUNyPLVZ26E0Lr7MYURREwy1GWjzundMPCzQSfpQCGwcshG2v4LXlfPfPkrItkJQX998NCoAudwN19qz9llBXeHWSxyGEvD0fkVkdoGWYaAJ4izrdkYGTISwQ3TaJuqO3JsJOSBaMkyAKOv3iYzB_NX2w9P3cQ2biJ7nPhCDXhPxvqHkgORDfCn6SpX0JKqeoUuwx4qeFij8fPQ3PE4Cx0AT7t-QIbROve6nbHLOqmjHh32HB5cYPMdSCxsoW9QPdQ0Jpk4EbDh3jmjvWojMFWxaU-CIAgYJf4BzTPd9tZseE0Ts4IzZTbdwzI5RsN1no49VO0n0BfeS5q2hAtRrP5UFV7HQ5LTsGDURfimsrcFNFBaRwqRIHo2r9k_dVPZFkiMXcmwozlmRZYNScGhvvYOzywGWsV5bOLQ__yhPzAvh1dqFECiv7uVYDMqwMNvc6dhYO1BVusTtRUnpo8_0JRXlc5TaC-aN5x8Qhb2NCudj0DOvtn0rO0VM_duxsHWa5VfNvGyVVv8rz4QOARpSQGtUttCpyK-b-ynuvPbXMeWhKPZJIk47dg_WAOdYV5UFdyEL5hYvofDhl4C5ObH_AZO95lT4lMEj6yXYYSVeiOyQfQx-LwzHIacaRj_54Ulib-imB9UAKVkOber7eLc_0JLbnPSrT9VaYTHCJoCW-rk9V1nX_GZHbB71IBO--5G0j04y1aXTcSFQtsGhLKYWi3o2e2GmmupYG1jFQK_hgmzsSkHm5uS7ns1KAy09r7Una_PofYtLtYBDBr7z6LxzcANIFkaAwvzpV5-6KnIqr1NTBoDpwLdl448ZSwO1Ehcgah19rCuFjPOqosC8tEiMk0DCBZVtLABAeA_9idcRA&cid=CAASKORop0XaACDIVKs3nDIWFz2fixpl5hr5Ay7LVHKj3dsSKka7rh3XOLw&rfl=1%2Chttps%253A%252F%252Fwww.unknowncheats.me%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

501bb607d8da868754e65c42b551b6e901a463ad707d8125a47f8b4c1c17e266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35378
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F4B0 640 B
316 B 46ms
45ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNUaxDd4OrkyWuP55nlSmKE10YDUlgRKAvApWhCxL52LFy7Kk1bcQJLAmf1495dz4osWP0sqtOWUed-QI-ez28rT-4VZqSp73slpI0z-AAY0GvKooT1fWym1h0NhfDipwX7Ysy4wvL2aQcvHd9U5vFFgGShr979EWeAFsdXnoSIXhYEPUL8

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F80D 82 KB
34 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BAs9lBZ2F_4syQuy4aLn1IvdzEF22ItFPHdp45nfVyV9_Z_piB2xt8LXPxgXCva35rR4hCOKUEVbJDpwK9CamDe_qajgnTl6NAbSXZkTl-JKBy7MkoXvIAVDLNhuOfPaqJaAektBzUmm9AlBqQPlZ17jcK1w&dbm_d=AKAmf-A5HRP3ByJcnAr7R8a6G-UiO7bfiJ4FLbp0hTYHoUOmgRczA5nRoXTaYW8Of0MY-cffaE8VfU5pFQPelMER0jl6zgCV3D-IkNwva_TkhpFKAKGHsbvPPqBerL1ty4388TCeIGjFlEXtmiJusiEpw4o0ZgbAtW6h-TbP127DpaEhRIvzb3oOLQhseXNasBtn4KOkZHhHlFnLRxFNfxjzI1_6RVcmmEp7vw1cZEYkevdu1du_4D6R-XXDfQns6lq-93QrzPtSXEeW6AP2pIqBX_0CxEzIHxAIkcsdIDUu2RkrfjrzSl0cYUve_zqviz0Jd1NSGpmJ3sAN4bBm4FIsRfIG4dCN_xSKWPllDEY78brgv0QhL-bb5oBvjSocgjcV12Y4ENrkx2CN8683ddMpPgqPKAxlOirk1iSuonaINiFrPlUMbam6lP8fqRlNnYYLXNnZvaGbJ5Zl4uJGLgTHKuBk8tyQt_UVYssPfhRYIXeCmcYVCwrX8ILUvRCH3fRB4JsKfoSSjfybdNW9IG8QotOt5aZd_0yqpZJ4k4hz9WXUmYX4ZqmXGtbP_8HH3aWY5mUoEoIowmztsL8J0IPUHxCvhydiLUBoQDCCZwctr9zMYYQLBdOAsMFlHhXv4NbrCM8Y7StOK7LKCjC4r_SulwraeTNK3aWJKz1VSbEOGC5lefTEXi2PskTT7TsWZYt1dXDY2RggfFhhtruJ8jSGRRMUTvkMN-Gy3WUvQHSGyOeqdeMaCETGma7Lc7SSJvu32VakiTKLmpbkqH0ulSZE3nZbCfOVkQj1abWJv6UHv28knwYEnRwmgS4RdHGUzjInGeBDmaLQQaEL6uo7S-lY-vE4an9wOAqS_58643rLBzi76b41kZT_uw3SbYQxyHFseQDoeeKmw8B2o0MC96uCuHW7EGSzbz3UvYPo4AzQurjUtm7AQZslFdxDHvEzgCULnoeMrKLfazLWJC7ftmG6SGh5BKSeyL-H6Bzem4--xsznLKzIn-nImHLKvmtQURU2LBtZr9NrXQHr_-EEjJFgKw6EBRB1cv-7p4zEAYfHSCAR0G2T6HQ_2lp2kDrVqYnuJEjX6pYX4lalihFKv0o-nKdgrxLUoodceJ8vuJDBXZdUSP18v4H2ClMO_l7kfDsXG-AwrOm1STo7lB2kMJ4w1rp2AsTbPowQ1zO1MCe2jWWfGcDd5u2L7lK1e9ceUcdxqFZRt2rIYT2XokBFFJHt5g9IjjtbzShj7keWvM8-3q-jPYjPweXOx5rc-J9BEqwl9_64vsDahIpPrapcebmzA5CRyXme8OQyLFEWnZVa4DVZhqDlZe-1xTRB4aJodFEPi-uMy7DY0w78YuaaJZ-6-c4GbMtK2FKIC0jyuOoQhQXsRIsbHMyB7PZzZ4C6ooXct_w1B6P4L6t_7CqxXFrY3bu54fZFgbujvbmymdvQqCeWtmZrt2PVWZiXxV99a0Fkocs8ECMuxDvGOheHxW6ZkY0hb5bAEdjK-7VA7dTIz0m7-WFJi1PS1zAVuO8-4EjenrFOsf6RhK-QZG3-E4jnYjbZOqaMav6PC8ClIgth8pbL9YOMpVvGYLgKm9SSc0Uh0iqShPpbUXDj55pXoJeB1uwCxLVt024QIeIIaNmaM-joHvm1jETczByCPqbsG_8jT_rMLyN7u8_bFZnVugKqy_JFuB7HHNiHpkiwGpbpmiwvFor05oT3mQN6YeBgzTRsnqstXhilqTYdC2XetdMkNrlY76MPmEc7fH3QunfxNfBxUVOn6ipF4fNwSfYDEOXERhF5AIFnfSIo6RPBPxZaAmtSp58pAK0zpqRjdSPUBai7-QP66eF87cYDtWOvoDCdTT3OJE7Ibr0_jthjhCpM3d63e90fwdTX86FfVMvIbwXbBmeHh_Ceid3TQkuRd1fvUP8XaW_eG48PDlyByKeUXLP1Q2jbRRgiFYZuXuhvDkz0Q3COxW2J2gjWYim_b5vRDZXEe7k0SblwEmJNVu3IhnwASghL8OQRETKryNqgMnNYwlGNPccr_L0wokD7fif27RuHZMKnrp-mXt_lrnamnxVlUS7J8ABYbxyK0F-rwGMvnJZX_FwcafzebVR5UDC0Y0Fc-vWxN2kwsVHPgFRrRIPtNO-EecNeFU34vCoVLjd7ovRbUIp0PDUkTPaKJZ4qaBMbAQNN3y2xBSJ-091aET9J513A9JTuppn5KrIj4lPu0TUiyPQIEs1XvuwOITwwbFSYZhnCQCMtYZlxnaxEfAt3Lgnh7GPqOL0zy5_AwwplxExR1_8nsE0rGWuhe_JY6KEeWKcNHRRwOP3ohkModpJylN8ecrBQ5mhXZ1P83N0BQQbV0SJ24gff_z3Tt4hFiawq9pZF1amk4r-YQpZl39AlWuKHZmaFbH-QhM7a0xr1ivq99gFizt3dmCJ6HweOQsTyDbz1rYpoek4G8CTbHyvM9qoNRZ3HlIvjskbqTG9rmlh9EkbNcBq5g7g1Wk8QHSSHqYptiaOTuPjUiZb3hxp3VbCS10uGwMTKCiSevI3aJN1jieKVPySmvLb_Rswv6gIrH1Mq2NI8Fu8fXpwhHJ7MOf5RGrEN3ofOrOoHIMumndkjW11dq8KACsOElatlJK9afN7lk5ExrO4Db1FKnyAv9UoMNU1h5ji-bTE_bfGv2VV12F9h1IJbtfTd2TYG8tYS6pO_9FNL2M7MMDoTvbq6j7bm2LFc2VlGj4jVOWtBcUwy8uDPmTI6mUeJQ4MdaF3Y1FOuj-eMzEtFW5VUG0hzJngsxMpvmaqLTFUUKQ-BhdRV39mReo2n3JFD9eF5uzUYVIskGAW_66GfNUoRG7QYQWug8Zc1VF3Y3Vpd5cT-mepj4EO-yuNTC6G4-wPuEmoODZOPoMyZ6oWLHvTQW_6siUME7miPQwm8XJ5NXlAHQEaaCgPwq6YqZQt_HKI3b1TVqXR3ImDXT4qwOVDiR0nzZ6Fy1hibPFnCo2VFB1ybae14yOtJBez5Atkz_LXFpszC_kuF4INGXz0g-Vn3CbeANwe8O6Qf6a8Z7lkiiW_xJVZ5dbKLW71jYUSk4rWzaGoPasunU6O6DjcPYFa8vPhG-_l66ufIIuW3wPRRjMVk459eKLyEZQ1HVrCAjCvtiAn4r_Z1FRYB4W22TNUXfIR964NmVbDHCzVcDtmE5KXZ6x40yLtCPJNnxsZ_cZ8f1WWAZNYFomjdzMpwKktwzUPCVPEXFA9oAr4VfSaSWaYn2mCuTyRW-PDoAyAyjtJIuUIvPA8gq8ioggST9HD1QIZaHExut8UDRcxbLPsNjcf_TF7Q4eHio2teF8P9-KgM3wOARVP1-rqUTMVo-DfDYQ72VIZrgYRS46ZrqR9XiL4JIxndz6eX0-b-MW_qUljmL3PGWuJdzynLBHRdWZm5kq6GB2RhpYEEI8m7GB-LuEbwvqiCPFW0eVqHoxgWdixZ7ktFZGWl&cid=CAASKORoEkFWPSXG6G_MJg3DTWcb619iTenaXv_0zAEyZTeusgqI0tST_rs&rfl=1%2Chttps%253A%252F%252Fwww.unknowncheats.me%252F%240

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7043d321ee1a74e0a34293a2c6bf7fb1ba1bad79767060c798a5a99bb0f6969b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34593
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 99AA 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.unknowncheats.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38670
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 18:40:44 GMT
expires: Sat, 09 Sep 2023 18:40:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DE97 783 B
534 B 20ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b12111d1db30cfb68442bc875e68a72c540a669c067954bfecff8fa5b02b5b0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yAVFTLs4eFchFLHHkHdJWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.unknowncheats.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-yAVFTLs4eFchFLHHkHdJWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:14 GMT
expires: Sat, 10 Sep 2022 05:25:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1D78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

43 B
846 B

46ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNXtVq5ERtbd1UcaulJh9VkFP0htdhQyVGnZ2qC1RRXpkRSHV69-w-JO8vjPYzot6bg35C5D3O7cg29ViLwV-Ji4C4-UEpwefYYL237hJ7s_1XiNKEP9q6slpsrRLEAvcb9pB0U1LXweb5cky9z3PnOAshGMt3Gk0bra_FKk--JxH9-_cGY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7485bded9b1f9a3b-FRA
pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Net7C9zckYtY5aNIodPQZPeSwOOmKzI8%2FBiM1jWJYoXoZT%2FJz9el%2Bhkz3oG8i6FRJz4sCmLVoy%2BJu6Kau9hqiPUJmjKSlhzXiq%2F%2FSpadD1PazmErEyRuKr4NgF5ILQsx07Js1lll5rxjPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1D78
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxwfuoivwJnruoGfiAJuggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

43 B
840 B

57ms
57ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNXtVq5ERtbd1UcaulJh9VkFP0htdhQyVGnZ2qC1RRXpkRSHV69-w-JO8vjPYzot6bg35C5D3O7cg29ViLwV-Ji4C4-UEpwefYYL237hJ7s_1XiNKEP9q6slpsrRLEAvcb9pB0U1LXweb5cky9z3PnOAshGMt3Gk0bra_FKk--JxH9-_cGY
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7485bdeeac589a3b-FRA
pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2AynGvxXZ597ImiIWf5GvaN1pWGw13G4zQ7ocafwstmNd4GfvRKdalBMAwBVP2G42OLhgEuPhiOCemLD3fWSL5DQO4CzKNnvMVRyF0sZzFlDfEaK0GbVu%2FOS3ogubfGTkYADgSz%2BKdNM4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1D78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1

43 B
1009 B

15ms
14ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNXtVq5ERtbd1UcaulJh9VkFP0htdhQyVGnZ2qC1RRXpkRSHV69-w-JO8vjPYzot6bg35C5D3O7cg29ViLwV-Ji4C4-UEpwefYYL237hJ7s_1XiNKEP9q6slpsrRLEAvcb9pB0U1LXweb5cky9z3PnOAshGMt3Gk0bra_FKk--JxH9-_cGY

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 05:25:14 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 049132b9-8ceb-4177-bb4d-9a7bdf6f7bcb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1D78
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 05:25:14 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 78f49f19-b870-4a8d-b621-db598b5af684
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BC73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

43 B
884 B

40ms
29ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNXBqTNEwgY_Quxg2EcLGxk0Hs5sASPsHxb31qoxAfjhHsKoCIDjD6M1pZ8J7Qd60a1hm7mjLW9IzmpOM2f8-eKuHGYcOjFto2Thq2SqhZ8fKRP7faSgRQ27ONV82zWD07b3SL_escIZ2k55trL-OLU6fvXzhefgGzolsBQBWPzSwfiHVIk
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7485bded9b209a3b-FRA
pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtKloY7Z0C1ehO6zwW8fwsb9COrE5qcF%2FIpzCIM2jWWHmhd%2Bxa%2FrZ%2BilYRiecp%2B%2FDRus%2BhBFAqLsbEbuikGANia29KOHwitnJ8qC%2BoDSqWyPuYsGw9XS5lyfJz4kwiLxMF4iuaWK1lsnXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BC73
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxwfuoivwJnruoGfiAJuggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1

43 B
845 B

22ms
22ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNXBqTNEwgY_Quxg2EcLGxk0Hs5sASPsHxb31qoxAfjhHsKoCIDjD6M1pZ8J7Qd60a1hm7mjLW9IzmpOM2f8-eKuHGYcOjFto2Thq2SqhZ8fKRP7faSgRQ27ONV82zWD07b3SL_escIZ2k55trL-OLU6fvXzhefgGzolsBQBWPzSwfiHVIk
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7485bdee9c569a3b-FRA
pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWC%2B8OI7f6JCnmZAzD8gFYFEVguyRjO%2FFrtj3rf44uS1AFqdsklCs%2BuLvi99xDURhsyu%2BKDZqV78Bz1zuyGEsLYxPJKBLNJ1r3CF6FcCDKbkNvfmyHQbF1PZYAiq7UchqSGhxmXbHdgYag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKD9-1Ou-Lkp5K9_eo6TLrQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BC73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1

43 B
1009 B

27ms
16ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYlfTiwAEwAQ&v=APEucNXBqTNEwgY_Quxg2EcLGxk0Hs5sASPsHxb31qoxAfjhHsKoCIDjD6M1pZ8J7Qd60a1hm7mjLW9IzmpOM2f8-eKuHGYcOjFto2Thq2SqhZ8fKRP7faSgRQ27ONV82zWD07b3SL_escIZ2k55trL-OLU6fvXzhefgGzolsBQBWPzSwfiHVIk

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 05:25:14 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c239c497-bde0-42cf-a3ab-13bcc816800b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDcp5ZYl-BAHdgFtAYl4AYI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BC73
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 10 Sep 2022 05:25:14 GMT
X-Proxy-Origin: 81.95.5.44; 81.95.5.44; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9555bed0-1d77-4b6e-a2bb-496308e14cfd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU1MzQ0ODA5NDI5OTA0OTc4
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F920 106 KB
38 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Origin: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame F920 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:50:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame F920 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
server: cafe
etag: 11425859616848618248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:05:33 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0CE9 170 KB
59 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Origin: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 16:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 16:51:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame 0CE9 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:50:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame 0CE9 30 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
server: cafe
etag: 11425859616848618248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:05:33 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame F4B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJAXEMcqAIRA-eJ-ljA2aJE&google_cver=1

43 B
61 B

27ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJAXEMcqAIRA-eJ-ljA2aJE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNUaxDd4OrkyWuP55nlSmKE10YDUlgRKAvApWhCxL52LFy7Kk1bcQJLAmf1495dz4osWP0sqtOWUed-QI-ez28rT-4VZqSp73slpI0z-AAY0GvKooT1fWym1h0NhfDipwX7Ysy4wvL2aQcvHd9U5vFFgGShr979EWeAFsdXnoSIXhYEPUL8
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJAXEMcqAIRA-eJ-ljA2aJE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame F4B0 43 B
304 B 43ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNUaxDd4OrkyWuP55nlSmKE10YDUlgRKAvApWhCxL52LFy7Kk1bcQJLAmf1495dz4osWP0sqtOWUed-QI-ez28rT-4VZqSp73slpI0z-AAY0GvKooT1fWym1h0NhfDipwX7Ysy4wvL2aQcvHd9U5vFFgGShr979EWeAFsdXnoSIXhYEPUL8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame F4B0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIdyzr_uZ45yRirVbh7585c&google_cver=1

23 B
172 B

33ms
32ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIdyzr_uZ45yRirVbh7585c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNUaxDd4OrkyWuP55nlSmKE10YDUlgRKAvApWhCxL52LFy7Kk1bcQJLAmf1495dz4osWP0sqtOWUed-QI-ez28rT-4VZqSp73slpI0z-AAY0GvKooT1fWym1h0NhfDipwX7Ysy4wvL2aQcvHd9U5vFFgGShr979EWeAFsdXnoSIXhYEPUL8
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 10 Sep 2022 05:25:14 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEIdyzr_uZ45yRirVbh7585c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F4B0 23 B
172 B 67ms
37ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNGxxtIBMAE&v=APEucNUaxDd4OrkyWuP55nlSmKE10YDUlgRKAvApWhCxL52LFy7Kk1bcQJLAmf1495dz4osWP0sqtOWUed-QI-ez28rT-4VZqSp73slpI0z-AAY0GvKooT1fWym1h0NhfDipwX7Ysy4wvL2aQcvHd9U5vFFgGShr979EWeAFsdXnoSIXhYEPUL8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:14 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 10 Sep 2022 05:25:14 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F80D 106 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Origin: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ Frame F80D 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 04:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:50:35 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/ Frame F80D 30 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11782
x-xss-protection: 0
server: cafe
etag: 11425859616848618248
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:05:33 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/ Frame 5584 10 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e882b3b7f584cd5c2e75afb5d35ebfd4c07858c5edee1e0837624a7ae31ded29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 77726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2700
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:49:48 GMT
expires: Sat, 09 Sep 2023 07:49:48 GMT
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F920 0
622 B 118ms
58ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_wBkAYWkLpy1YcblK9Oc7vM3VU8MHB7a50bcWOK544BpWg8Is7LTUicpt2dwZyW-qpf0M3Dp-X1rPyNVvLKtwMWT4v43LRGrZ1chaLSpTFZWrS-2rHyR5Ldldo_xV7NZCzzRZZnS_kK-NBbqy0-3ezYSDdrivUfvBMaVoFvl7oSSuUzMC4KtPFXuYnPV105oMRoHSNE5iReKnqzfXRY_7T455B9WJxdERobrRVDDkfkYXf21p9q3jdQjlPS34ADyivyCZYm8t4MMa3lkY6QxgPs2ZQYSn81hIBLVR3riKvB_PibLxW3m47jjKAZ0MF1dJ9vBpDnfOhY92EMLbBEx0UocQcsaTgFlp7eKJqInsBBiP9VlCwYlUC6mhz_66UjtWAVAWeMRsa6PrTUxPo2P3scsD3h9suizwgtW1oh1uEplO3edWfKpYrZD4O7PfwxUn0IPDVkY6DEeBeVkQcGGkTF2pHQt8-BlxLy4rGI2nWeLEDRfJjNrY4_utc7FYF5hMCcmJ8WfZCiRt2eQPqrPoggz-YNEJvzvuFjD6ROq3GmP2LnTh95dLfhM5PgRa_IiqQuiFNSrUPhCw5RbHg3BxqaV5YIr-ZtJDq5FzBtbtUdg-LzSYLMXxag37P75-odwXpsGtaAhmWdAfOalfaBxiXDzewCMAhv7_eQ0VlzLn5O99bw7NxH3aU1BJE69rTix93-GR--nZGUBXxFmWl6i8o17rWjC-H8vwkmL1f1CohIXKtKUnT0kZjddzziVY8MIAIlpv7GZ6QoaQqIH5piV8aVsk4RVZN3vBrDvnWz6--4gend06-ER-fGuWLlE_9EyKEg8_7fXN_g28UtTAhbGegjn3ZoDfkSO0fjdF-iilf_zTxcQUim3zK6lPvpGR7iLhnsKw2aCL4ipCCf4LXVjhSJ3zMBlGvi1-VDu0XAbqONUVKbS35fNZTRL3YcemVpE9gPp7rCEwB9tzo_sFiVazLva3bcb3-KAJaXUXdXz_vpVaCtT1UuLsWRE797d8k6gQjLmSfoGQ_4gbTXnFwi62ETckCZtdqGpJCAe4-xwNOUzXqLZTnpmkUZLECxWCrcVP9l27XIC852JqHO4QPj9xjhf0wbDEdXsK7SA2VwQjyeanAwUhSTXosRh1UBKWiwhCRTl4Yo3ow8dt_-FDxPZedqmbp97Vnl66bABxhGpPBb1-jt9WJMSEhg_OVBtn1SPhtvOnchZu0iwN_Se2OWnkemdsSF8TRaP-X3FPBdyaPcmzTkZi1dJoH8rpTxqn&sai=AMfl-YTQAEyYriM0JzoaJyiQ-3EsbL3AzuE_8-oi1-81icqAx_AAJjv3gxKl595i-1Q_JjJlRJTi9RHOurtH32HLXIIl1cv2R2cjVIfco3c0kpp31Ip6P4Eu9M8KRBvIqGHoB9CU6Rx8NKHu2uQu7unvGsdMbMQuW4hxFxWxOAjXf5kxyEaDhbO6CYGhKfrb-ObRdHFq6PdfTkczpuKbuYVj8xIzJ7_L7UXsXg&sig=Cg0ArKJSzEhqbF3f8jkhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=187&cbvp=1&cstd=182&cisv=r20220907.13141&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 10 Sep 2022 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F920 43 B
1 KB 96ms
19ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008819312&extPm=441555153&extCr=18157601480&gdpr=&gdpr_consent=&rnd=646619035

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 10 Sep 2022 05:25:14 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 10 Sep 2022 05:25:13 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame F920
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=646619035&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=646619035&gdpr=&gdpr...

42 B
964 B

38ms
35ms

Image
image/gif

52.19.103.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=646619035&gdpr=&gdpr_consent=

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.19.103.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-103-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-0d3cc2fc9.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fgF88tbZR4A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v039-096107272.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lmrl2nh+QmM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=646619035&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DE97 0
0 41ms
41ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022090601&jk=2367235302713423&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F920 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame F920 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 626098edcd558fc88cd24eb43250c892716f0031061670882bfcebaac8f985fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 99AA 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 13:57:59 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0CE9 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 0CE9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83ebf7f0b1e78f2ba2ca24fc449f48d8dd6b8f4fd314238861d469de5d46a5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10725954732868190736/ Frame E220 15 KB
2 KB 17ms
16ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10981f8f2382369aa0e2033491f5b532e3e238719185364406e3891ee7339f4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2285
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Sep 2022 05:25:14 GMT
expires: Sun, 10 Sep 2023 05:25:14 GMT
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0CE9 0
64 B 53ms
52ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4jaw2vVKsNjbDiQDaIPDm6lcdDdFtwaXbA4lX5b53kmleZWywktvEgXImuDv32DbDDfl1ItU9jnhEeCG0yxnpxT7YGYo_J8WUhy0Z3XCguacd7YKSx8g8WnCDQK0fuog1G-WkS3sklzUtpojjOFoD1ILAQgKe5Rt358MHTseknJ-yq97C3aMkJzdfR5ZNTRkUb9cLvpFy26AfB-9Mz_nD2Sk2UzizVO0ou4G9ag_gMN-eoyNr0Do7RiHDHU4CqAt7MxhZQNhNC9hrSocPQ8R1XLfjH508h5d8Z5bnWjapm5byCKaP1BZY4NdW-3H-bub14GIhkmJxaiW7-FHarjt6qdFhO1hjnuhpIRaklq4G8XN1fvHhPYVJKk3fIOu6FEpBN9bejOEFg08pF--9feURI5-s0za8G9E0eCml62O_X7vJFrltarU6yS3OgSFUQakoeMmhvivzC35qssDRujlVrlg9Wx2uSVlr2a8aGWoZ092SwGL0NPOlkPrW65dhGtswV-EnJECI6Bnmi9Pxqq8madLeMTR_DBkoHRihcO7bYToxi6uzQwN5f4vAI5PX_PhPfNXmvw1At9qcZ0yi0sWGx6sdLKFN0hx1sXq-qnWg4968Wyfpl8Fn2enHzmi3KG2GZk-q-mE5syTgUmlY19_fPisC043QiKxb6K8WTf-6ikR79lyxAtvAAhCtBfOR-MgGiW3D6aQHUNZA5pyMHOaHFugkoxJpKs549QZm3WLXhxIucZXj26K0DpozG4SzepDkXcg7JkDZB7uCaQowvlT4k8ofE9rP82adE8AfFHQMfOFjbG5tRVhMZ0k-zVpIPDa6a4i7T0vkrEBXtPNIWs_tZ3RKZJMRm3GyOus4d_mj1r9s7Vka6rQtRVWzN7s4mwOxi0O5XBu2u_esDFwie0PVR3zD68fcuYygeaSagPgRdTUQMBzB6_3aOmeRgtAKQbXOnfsr1KLcQJjYbhPE8Aha2m9NZwOym6D6hRWkjp0_lcWumqW1orX3_uO6OXRfxj4CPnpd4aEXja-Ytt30xVsCuuOC9ChVp36aroigOBvY_bqHB9mDjuMxndfctBFcngCXHPcmBL28I0o8Dkqy7lcnpFSsnj7ATYLKUZaykry5NvouZXeKJ3MJ79ZK3NbhhPurWxySiC0jyQqLWTEVagKAdjgGNPSkjegy3IeLtWzhxWKoXchnDfMo5hVu-l9iLeF0GZk6r5vc9zW0tzq01EBMkXmlRhrY6yeK42O5--6Ja-HKehXZxFY6oOA&sai=AMfl-YQ4coHrDdOrC_5atNoaD-IXJF9-DnvFGhZNKy6_5qBNKrsysNiERwGo6GB5Ves57f7tCpY4pkVPfE22_35Gu1fHBQIjW24RzT0XuDAU-4WdPKlPzDtdtggDyvigSNnCvJBrWahsbeoIWPPrmf620pC5nn82OMI9mf1ZRYC4hW90iX4nCdE0fJXNYVZuOUnbuKJqicSv3sqQhh4ORHTmYT6J_UVWOtt3eg&sig=Cg0ArKJSzANbQ4bWx2mQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&cbvp=1&cstd=174&cisv=r20220907.81406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 10 Sep 2022 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F80D 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame F80D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d60ac51e1dd2fdfafad172caf265be346e4317931a4bf598c321f35a3fff87dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/ Frame 5CAF 10 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e882b3b7f584cd5c2e75afb5d35ebfd4c07858c5edee1e0837624a7ae31ded29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 77726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2700
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:49:48 GMT
expires: Sat, 09 Sep 2023 07:49:48 GMT
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F80D 0
64 B 52ms
52ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssA6Z9TJYWCjCmPLq4so03Gt2CXBNL7gcLEb3TaCbMIH9ck9SJ7-jqq-aMVeLRC3YhHOIGoZ6gcXpblwy40lEl_Y2PMLpPcY9x3Dg3ML7vShTZzxUkkcdINGxd5sgKmZhYdbuF7Z5JOtMELxrsHTDImnCWYcA2xnJk3vjjHe83UUmXW_zgMPRVSV44AQboOEDQZPcTjSK7grF3SQnepkYnfMBARMHRycFkWwg7L3bclN7MPFNrhVsWIj8hf-aDLV86zotVNzFLTTRibV6Ln1He-Iy1Sz6Gjz4NQ-LsbXH1rlG3t6WlvncNMOIWBnestP6VV84CN-HM2rELufsuMiTnTkZ8GXa4ziTOXKonmdgbybPfCV8Jr4w3nnyTwIJc2uJunfTBOrJlzdZVsmuBXbt_pgYXIKnEwRCgaCVq9VKrYmk9RVdYHzv79kw43wcdnlRTgVCJpwNMpAJ-mJUUHBPM-dR8q0PZQ2MaY4Cd8vqj0myK6WYgPpHyAqJZtFXRKa25uc6ZAFxaOMnriBMYhrZAGR-CtRrlixQ0D3VtsNkO300BoclHShivgOOxyWY5L369fF6TKY9vJgTD-TcFduQGC-intnwSUJ1DEreb0qpoznQYNZbkCiFaNBqs7YuaHTg9IIkF73ZiOWtgzEpICnl6iUQ27mW4cXdSZ0hgI4GG5ZgDWeGXofV6CSdC-zvfN8JAfvnNqiAaWbfVThLFmdx_5lkqqh1Y0s6DXTear8dxOyv0Kenuvoa-jUpbXaleGMvcqwGsKPc7_h_rwW3pfjtU0pBIzpjAmYmTKo2pAMPxR_tRm0haR9EE3D2uYS-Oxi8sbuKnDwy6NHCPy_0DQhpToX9_-iaxSiXDEg8slOKJEYrX7JXn_hBSdxCCbCZKStYU7AcjtXYhHdMT9BH7gidyRa_fxmMAsR9ctN51m350Ta0a8ODjRnecdkCpfIsKDVcxvtOfGNoIEPpsIqurIu_-0ADHGSjVTc8l1nTvAgZd9_lQgCYAvqm0rV69hhAMIm7ZXjbglTjDRMw8sMw_aO798ioDNAHV_X30N80BxN8ytWEcJpiDT7XnynhIj5C-XLgRyZpuhj4-veTgXWHTe90sW_8n5chyn1gxLZyL-yJxH8XHpY51y2wkVgAxAY3MREw9Fw05yKQERHSN6CMwQTOtx-JGZmJlSCHkULA4bWCHxJ1kM-OJWX4Js5O6kYL3ruQSjWtQHzHnDMudI6SvNgq53UiU4PeV0N3BBJYQ_x97dYLOwn-rfnHl-I3YJ0XWUkhmQwQ&sai=AMfl-YRiEoD1o9mZMQgvareeJ4XL4Nebc5sXqjGN3hUdHkOiwtKHI-msAC7-46UfWx7W9TvCSM-BTd9socCwIZJEzei0zfNk8Idm6kdzsEGxxG5eSR5fhx9ZsJDB3wnrOWKRaP-1gI4lv8HkDqmsAFCDysxSIU_y7dBHyRpys_r9-kOjAuWlGDCmXETXiNxtCWXCLRJM4KAeYwc8v45rMbZwuaIhxa6LFRjm-w&sig=Cg0ArKJSzJFFP_SYOZzuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&cbvp=1&cstd=125&cisv=r20220907.26145&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 10 Sep 2022 05:25:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame F80D 43 B
992 B 69ms
21ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008819312&extPm=441555153&extCr=18157601480&gdpr=&gdpr_consent=&rnd=2748347528

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 10 Sep 2022 05:25:14 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 10 Sep 2022 05:25:13 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame F80D
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=2748347528&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=2748347528&gdpr=&gdp...

42 B
964 B

37ms
37ms

Image
image/gif

52.19.103.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
URL: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.19.103.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-103-22.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v039-08ff11a55.edge-irl1.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EIWinJnRSQ0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v039-03982e072.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lQZ5R9CwRH0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=176851603&d_placement=345303420&d_campaign=28385539&d_bust=2748347528&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 5584 63 KB
23 KB 32ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11689196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
timing-allow-origin: *
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1m%2F8qGyAJ5splCqfl1lbVFVAi2yqotDbyWb7Qghy%2FlB9um%2FkuZ696GNRLpOHF5aZHoThkfHJ97d7LTDxzcBAModAmuJEIvFDmSATQ47vvxPzaI973p9cuwYCkeHw%2BFaN3MiDsPo9eqyjyK1RPGs6hnl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7485bdef09e2bbd3-FRA
expires: Thu, 31 Aug 2023 05:25:14 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3C5C 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:50:57 GMT
expires: Sat, 09 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C7F6 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:50:57 GMT
expires: Sat, 09 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1657637830060.css
s0.2mdn.net/sadbundle/10725954732868190736/ Frame E220 10 KB
2 KB 10ms
10ms Stylesheet
text/css 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef0423678b64273b3ed7c54d42b196336fbf0d0114fd7b018fe3848fcc42478d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2409
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 06:40:04 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E220 118 KB
40 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77654
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:51:00 GMT

GET
H3 200 1657637830060.js Show response
s0.2mdn.net/sadbundle/10725954732868190736/ Frame E220 34 KB
11 KB 12ms
12ms Script
application/x-javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 06:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11484
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Sep 2023 06:40:04 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 5CAF 63 KB
23 KB 27ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7375018
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
timing-allow-origin: *
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqMW%2FZFp%2FDHJSmwSsya6ro9ERYTpiYCxhHLYXhgw95Ym8QssfBFLqAFh6WlG9sMd4pEYGyffTzF07OTAxYlwjHf0Nu2p4QtsregIIMqbiPUJXYYitTpHMy9yTA4ogusZLLTp3wA13RlVnJa3Mr37Fof0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7485bdef49449164-FRA
expires: Thu, 31 Aug 2023 05:25:14 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 416A 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/advally/b-92ee7c4-6fe72e44.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 77657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Sep 2022 07:50:57 GMT
expires: Sat, 09 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 K.jpg
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 22 KB
22 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/K.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aae4f410c27527c02500e382865378fbd3bb7156f70fe2ae65383cd62fcb72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22891
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 Glitch1.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 15 KB
15 KB 11ms
9ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/Glitch1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e93109a64ad8bd320a4a07a4af3b339d2dee9d30f10479a74b33ee9a7e59993a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15253
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 HL.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 6 KB
6 KB 14ms
12ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e4c9fa319c28b6e082e0072585fb0ce1e0ed273902d63365fb798a2f476d872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:49 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:49 GMT

GET
H3 200 HL_Munich1.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 10 KB
10 KB 12ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL_Munich1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43c7992b7541625c9c0f5bd7f46f406b5a979ae90668eb9c1f01db5911e363e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10544
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 HL_Munich2.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 11 KB
11 KB 11ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL_Munich2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011f276e353a87985f02124d4f119945d850a48190f0d32febec79a9d967e721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10840
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 HL_Munich3.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 12 KB
12 KB 14ms
12ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL_Munich3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc325f9498e5b125164b69e749089343df7d0fc37d5cf74997c0af76e0c5491b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12675
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 Overlay.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 8 KB
8 KB 14ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/Overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d971a5af684aadb07a5d6de884a15be6ae8b674aa4dd1f9738b8452ab4f6ad21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8014
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 DynHL2.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 3 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/DynHL2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6db1339b1c98d5aec21b4a60f1060e4e0a10a8b295e111af6f2d870f5e554a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 08:58:28 GMT
x-content-type-options: nosniff
age: 73606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2668
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 08:58:28 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5584 1 KB
1 KB 15ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/CTA.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89058cf3d1914bb7d7d5286f79d8de9a868fea9733286649be7677f5f47b234e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:49 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1301
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:49 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C5C 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 13:57:59 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame C7F6 36 KB
16 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 13:57:59 GMT

GET
H3 200 logo.svg
s0.2mdn.net/sadbundle/10725954732868190736/ Frame E220 3 KB
1 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10725954732868190736/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 18:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1365
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 06:39:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Sep 2023 18:06:39 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 416A 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 13:57:59 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F920 0
26 B 63ms
46ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_wBkAYWkLpy1YcblK9Oc7vM3VU8MHB7a50bcWOK544BpWg8Is7LTUicpt2dwZyW-qpf0M3Dp-X1rPyNVvLKtwMWT4v43LRGrZ1chaLSpTFZWrS-2rHyR5Ldldo_xV7NZCzzRZZnS_kK-NBbqy0-3ezYSDdrivUfvBMaVoFvl7oSSuUzMC4KtPFXuYnPV105oMRoHSNE5iReKnqzfXRY_7T455B9WJxdERobrRVDDkfkYXf21p9q3jdQjlPS34ADyivyCZYm8t4MMa3lkY6QxgPs2ZQYSn81hIBLVR3riKvB_PibLxW3m47jjKAZ0MF1dJ9vBpDnfOhY92EMLbBEx0UocQcsaTgFlp7eKJqInsBBiP9VlCwYlUC6mhz_66UjtWAVAWeMRsa6PrTUxPo2P3scsD3h9suizwgtW1oh1uEplO3edWfKpYrZD4O7PfwxUn0IPDVkY6DEeBeVkQcGGkTF2pHQt8-BlxLy4rGI2nWeLEDRfJjNrY4_utc7FYF5hMCcmJ8WfZCiRt2eQPqrPoggz-YNEJvzvuFjD6ROq3GmP2LnTh95dLfhM5PgRa_IiqQuiFNSrUPhCw5RbHg3BxqaV5YIr-ZtJDq5FzBtbtUdg-LzSYLMXxag37P75-odwXpsGtaAhmWdAfOalfaBxiXDzewCMAhv7_eQ0VlzLn5O99bw7NxH3aU1BJE69rTix93-GR--nZGUBXxFmWl6i8o17rWjC-H8vwkmL1f1CohIXKtKUnT0kZjddzziVY8MIAIlpv7GZ6QoaQqIH5piV8aVsk4RVZN3vBrDvnWz6--4gend06-ER-fGuWLlE_9EyKEg8_7fXN_g28UtTAhbGegjn3ZoDfkSO0fjdF-iilf_zTxcQUim3zK6lPvpGR7iLhnsKw2aCL4ipCCf4LXVjhSJ3zMBlGvi1-VDu0XAbqONUVKbS35fNZTRL3YcemVpE9gPp7rCEwB9tzo_sFiVazLva3bcb3-KAJaXUXdXz_vpVaCtT1UuLsWRE797d8k6gQjLmSfoGQ_4gbTXnFwi62ETckCZtdqGpJCAe4-xwNOUzXqLZTnpmkUZLECxWCrcVP9l27XIC852JqHO4QPj9xjhf0wbDEdXsK7SA2VwQjyeanAwUhSTXosRh1UBKWiwhCRTl4Yo3ow8dt_-FDxPZedqmbp97Vnl66bABxhGpPBb1-jt9WJMSEhg_OVBtn1SPhtvOnchZu0iwN_Se2OWnkemdsSF8TRaP-X3FPBdyaPcmzTkZi1dJoH8rpTxqn&sai=AMfl-YTQAEyYriM0JzoaJyiQ-3EsbL3AzuE_8-oi1-81icqAx_AAJjv3gxKl595i-1Q_JjJlRJTi9RHOurtH32HLXIIl1cv2R2cjVIfco3c0kpp31Ip6P4Eu9M8KRBvIqGHoB9CU6Rx8NKHu2uQu7unvGsdMbMQuW4hxFxWxOAjXf5kxyEaDhbO6CYGhKfrb-ObRdHFq6PdfTkczpuKbuYVj8xIzJ7_L7UXsXg&sig=Cg0ArKJSzEhqbF3f8jkhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=427&vt=11&dtpt=240&dett=3&cstd=182&cisv=r20220907.13141&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 K.jpg
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 22 KB
22 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/K.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aae4f410c27527c02500e382865378fbd3bb7156f70fe2ae65383cd62fcb72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22891
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 Glitch1.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 15 KB
15 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/Glitch1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e93109a64ad8bd320a4a07a4af3b339d2dee9d30f10479a74b33ee9a7e59993a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15253
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 HL.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 6 KB
6 KB 8ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e4c9fa319c28b6e082e0072585fb0ce1e0ed273902d63365fb798a2f476d872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:49 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:49 GMT

GET
H3 200 HL_Munich1.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 10 KB
10 KB 11ms
10ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL_Munich1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43c7992b7541625c9c0f5bd7f46f406b5a979ae90668eb9c1f01db5911e363e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10544
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 HL_Munich2.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 11 KB
11 KB 12ms
11ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL_Munich2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

011f276e353a87985f02124d4f119945d850a48190f0d32febec79a9d967e721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10840
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 HL_Munich3.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 12 KB
12 KB 12ms
11ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/HL_Munich3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc325f9498e5b125164b69e749089343df7d0fc37d5cf74997c0af76e0c5491b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12675
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 Overlay.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 8 KB
8 KB 13ms
12ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/Overlay.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d971a5af684aadb07a5d6de884a15be6ae8b674aa4dd1f9738b8452ab4f6ad21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:48 GMT
x-content-type-options: nosniff
age: 77726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8014
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:48 GMT

GET
H3 200 DynHL2.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 3 KB
3 KB 13ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/DynHL2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6db1339b1c98d5aec21b4a60f1060e4e0a10a8b295e111af6f2d870f5e554a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 08:58:28 GMT
x-content-type-options: nosniff
age: 73606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2668
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 08:58:28 GMT

GET
H3 200 CTA.png
s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/ Frame 5CAF 1 KB
1 KB 14ms
13ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/images/CTA.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89058cf3d1914bb7d7d5286f79d8de9a868fea9733286649be7677f5f47b234e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/13578198116892954939/728x90_RTB30/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:49:49 GMT
x-content-type-options: nosniff
age: 77725
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1301
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:51:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Sep 2023 07:49:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 99AA 0
10 B 9ms
8ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HN0DfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0CE9 0
26 B 47ms
45ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4jaw2vVKsNjbDiQDaIPDm6lcdDdFtwaXbA4lX5b53kmleZWywktvEgXImuDv32DbDDfl1ItU9jnhEeCG0yxnpxT7YGYo_J8WUhy0Z3XCguacd7YKSx8g8WnCDQK0fuog1G-WkS3sklzUtpojjOFoD1ILAQgKe5Rt358MHTseknJ-yq97C3aMkJzdfR5ZNTRkUb9cLvpFy26AfB-9Mz_nD2Sk2UzizVO0ou4G9ag_gMN-eoyNr0Do7RiHDHU4CqAt7MxhZQNhNC9hrSocPQ8R1XLfjH508h5d8Z5bnWjapm5byCKaP1BZY4NdW-3H-bub14GIhkmJxaiW7-FHarjt6qdFhO1hjnuhpIRaklq4G8XN1fvHhPYVJKk3fIOu6FEpBN9bejOEFg08pF--9feURI5-s0za8G9E0eCml62O_X7vJFrltarU6yS3OgSFUQakoeMmhvivzC35qssDRujlVrlg9Wx2uSVlr2a8aGWoZ092SwGL0NPOlkPrW65dhGtswV-EnJECI6Bnmi9Pxqq8madLeMTR_DBkoHRihcO7bYToxi6uzQwN5f4vAI5PX_PhPfNXmvw1At9qcZ0yi0sWGx6sdLKFN0hx1sXq-qnWg4968Wyfpl8Fn2enHzmi3KG2GZk-q-mE5syTgUmlY19_fPisC043QiKxb6K8WTf-6ikR79lyxAtvAAhCtBfOR-MgGiW3D6aQHUNZA5pyMHOaHFugkoxJpKs549QZm3WLXhxIucZXj26K0DpozG4SzepDkXcg7JkDZB7uCaQowvlT4k8ofE9rP82adE8AfFHQMfOFjbG5tRVhMZ0k-zVpIPDa6a4i7T0vkrEBXtPNIWs_tZ3RKZJMRm3GyOus4d_mj1r9s7Vka6rQtRVWzN7s4mwOxi0O5XBu2u_esDFwie0PVR3zD68fcuYygeaSagPgRdTUQMBzB6_3aOmeRgtAKQbXOnfsr1KLcQJjYbhPE8Aha2m9NZwOym6D6hRWkjp0_lcWumqW1orX3_uO6OXRfxj4CPnpd4aEXja-Ytt30xVsCuuOC9ChVp36aroigOBvY_bqHB9mDjuMxndfctBFcngCXHPcmBL28I0o8Dkqy7lcnpFSsnj7ATYLKUZaykry5NvouZXeKJ3MJ79ZK3NbhhPurWxySiC0jyQqLWTEVagKAdjgGNPSkjegy3IeLtWzhxWKoXchnDfMo5hVu-l9iLeF0GZk6r5vc9zW0tzq01EBMkXmlRhrY6yeK42O5--6Ja-HKehXZxFY6oOA&sai=AMfl-YQ4coHrDdOrC_5atNoaD-IXJF9-DnvFGhZNKy6_5qBNKrsysNiERwGo6GB5Ves57f7tCpY4pkVPfE22_35Gu1fHBQIjW24RzT0XuDAU-4WdPKlPzDtdtggDyvigSNnCvJBrWahsbeoIWPPrmf620pC5nn82OMI9mf1ZRYC4hW90iX4nCdE0fJXNYVZuOUnbuKJqicSv3sqQhh4ORHTmYT6J_UVWOtt3eg&sig=Cg0ArKJSzANbQ4bWx2mQEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=365&vt=11&dtpt=185&dett=3&cstd=174&cisv=r20220907.81406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F80D 0
26 B 45ms
45ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssA6Z9TJYWCjCmPLq4so03Gt2CXBNL7gcLEb3TaCbMIH9ck9SJ7-jqq-aMVeLRC3YhHOIGoZ6gcXpblwy40lEl_Y2PMLpPcY9x3Dg3ML7vShTZzxUkkcdINGxd5sgKmZhYdbuF7Z5JOtMELxrsHTDImnCWYcA2xnJk3vjjHe83UUmXW_zgMPRVSV44AQboOEDQZPcTjSK7grF3SQnepkYnfMBARMHRycFkWwg7L3bclN7MPFNrhVsWIj8hf-aDLV86zotVNzFLTTRibV6Ln1He-Iy1Sz6Gjz4NQ-LsbXH1rlG3t6WlvncNMOIWBnestP6VV84CN-HM2rELufsuMiTnTkZ8GXa4ziTOXKonmdgbybPfCV8Jr4w3nnyTwIJc2uJunfTBOrJlzdZVsmuBXbt_pgYXIKnEwRCgaCVq9VKrYmk9RVdYHzv79kw43wcdnlRTgVCJpwNMpAJ-mJUUHBPM-dR8q0PZQ2MaY4Cd8vqj0myK6WYgPpHyAqJZtFXRKa25uc6ZAFxaOMnriBMYhrZAGR-CtRrlixQ0D3VtsNkO300BoclHShivgOOxyWY5L369fF6TKY9vJgTD-TcFduQGC-intnwSUJ1DEreb0qpoznQYNZbkCiFaNBqs7YuaHTg9IIkF73ZiOWtgzEpICnl6iUQ27mW4cXdSZ0hgI4GG5ZgDWeGXofV6CSdC-zvfN8JAfvnNqiAaWbfVThLFmdx_5lkqqh1Y0s6DXTear8dxOyv0Kenuvoa-jUpbXaleGMvcqwGsKPc7_h_rwW3pfjtU0pBIzpjAmYmTKo2pAMPxR_tRm0haR9EE3D2uYS-Oxi8sbuKnDwy6NHCPy_0DQhpToX9_-iaxSiXDEg8slOKJEYrX7JXn_hBSdxCCbCZKStYU7AcjtXYhHdMT9BH7gidyRa_fxmMAsR9ctN51m350Ta0a8ODjRnecdkCpfIsKDVcxvtOfGNoIEPpsIqurIu_-0ADHGSjVTc8l1nTvAgZd9_lQgCYAvqm0rV69hhAMIm7ZXjbglTjDRMw8sMw_aO798ioDNAHV_X30N80BxN8ytWEcJpiDT7XnynhIj5C-XLgRyZpuhj4-veTgXWHTe90sW_8n5chyn1gxLZyL-yJxH8XHpY51y2wkVgAxAY3MREw9Fw05yKQERHSN6CMwQTOtx-JGZmJlSCHkULA4bWCHxJ1kM-OJWX4Js5O6kYL3ruQSjWtQHzHnDMudI6SvNgq53UiU4PeV0N3BBJYQ_x97dYLOwn-rfnHl-I3YJ0XWUkhmQwQ&sai=AMfl-YRiEoD1o9mZMQgvareeJ4XL4Nebc5sXqjGN3hUdHkOiwtKHI-msAC7-46UfWx7W9TvCSM-BTd9socCwIZJEzei0zfNk8Idm6kdzsEGxxG5eSR5fhx9ZsJDB3wnrOWKRaP-1gI4lv8HkDqmsAFCDysxSIU_y7dBHyRpys_r9-kOjAuWlGDCmXETXiNxtCWXCLRJM4KAeYwc8v45rMbZwuaIhxa6LFRjm-w&sig=Cg0ArKJSzJFFP_SYOZzuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=325&vt=11&dtpt=196&dett=3&cstd=125&cisv=r20220907.26145&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.unknowncheats.me
URL: https://www.unknowncheats.me/forum/downloads.php?do=file&id=38109

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame E220 13 KB
5 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 12:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 12:11:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E220 7 KB
5 KB 65ms
49ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9896cdfdfda3c17dad2b589e4a9f4d7c5887f8232222ca4c4f4317cd46311254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 10 Sep 2022 05:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E220 17 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Sep 2022 05:25:15 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame E220 98 KB
98 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:14:48 GMT
x-content-type-options: nosniff
age: 627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 05:29:48 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame E220 57 KB
57 KB 9ms
9ms Font
font/woff 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/1657637830060.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 05:15:14 GMT
x-content-type-options: nosniff
age: 601
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 05:30:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7F6 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba3Cwuh8cY_zdBpCV7_UPxO6csAgAAAAAOAHgBAI&bg=!ODulO3_NAAZTikH4c4o7ACkAdvg8Wlh3jqotUgUeARNkeLw03NGeBJW555fYJN9KYObD0-PqRhwv0AIAAADMUgAAAAJoAQeZAxOS4kMFZaH_swBB3-P-_J4aF1ZcWDyt3jw5pexGWaf4SxFftRID74cATihRGLXtw9UhiMS03BTgXF7PlwVT6laELta58f573eKbVSg2sIgBbMcAtKqLpVVNlw2EBnlsw749202jhmqU2CwQsaSjzjohiAAaQhI1s_GlI4TKd8rr8QvD48Yo03YA-C1dIiOmb-eId24shydXmWULvkEgjmdTvIBAOAbI2gv_ZxVsUzgzqjaARAIY0j8DRYVAkwQ39wqrqE-5mBcyH0G8R28ijq8hvk-b7i-WOUocw-_uje6BnLlvJIKKionRvqYk-SSYjR2gfQoPnr-0t1cjrEATTq2j_7ZiRlms1tbUS64xG1IKAoaMYwsGIk9x0Uue8KXsRRRxV64_azB4JQ3EZi1Ea8pR3OIowf3DgPncUzFRjWwKbWLKMuEMlsuKErul4hP8EEGKwnrm8hxw_JKlJnSGiWUfLEXKrH9ZhQlDHIU09yNAfKU7KvO-kQCTllArLd47mLHJ9DSKx78HH3RqflTbMaZwf3s6MvC00EFQGx4lnflZzcHl0-ggO-qu_-mk99vZ5J2s1Ma2dYms5M_Lu7AoqrzxS3BTlEOnQ1UpMiJGiQh49XU0D7FWmXaVXG9hKQOgIWkg67JneUv7Kft2jSTgY_D00-s17XTm1IrZc8cA4J7RMiZqkXOQI6Gz9EqOeJ6to7tByB8fedOOJaWhNI3oqPdT9R5Izarp3U3SNqbqYuC506wvUgmip1la8g17MjQD4SFdJncbiOarFHP24JVcNQw72LqnwrNu4vVbNEk6CWtSdcDMSHN39BMFG6V6xffYrpap0zUkDeKgqQEoR3r4b3tBIU0K6wBl88AkvhChLi3TSZdRI5n4RB1N994AC5dYyPcKsKrhgAjo0iOeC7imHewcgvr4Nezpt-aWQMWOvTff0nv4e0CMFMDTn4xKQ5ZSEpIiRVNbmZNGlRr1UNyxm5vQ6G3zV5DOF7r3XTgAnJNB9r05McwD_SgIr4ZeEheRYvjn5Xw72kNnTlEYhKHoZzuL5KR8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lv_1450x2355_2209-anf-l5ab0ad63-2fec-47ec-915a-9314a54ef652.png
s0.2mdn.net/4528404/ Frame E220 96 KB
96 KB 9ms
9ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lv_1450x2355_2209-anf-l5ab0ad63-2fec-47ec-915a-9314a54ef652.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6067f128772b9d71f329ce6cc3ac2fe681715b14b84abff7bc0b3a11a05a01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:00:05 GMT
x-content-type-options: nosniff
age: 80710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98036
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 11:39:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:00:05 GMT

GET
H3 200 lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame E220 29 KB
29 KB 8ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:07:15 GMT
x-content-type-options: nosniff
age: 80280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:03:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:07:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C5C 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-M9luR8cY-e5NN679u8PsPiu6AYAAAAAOAHgBAI&bg=!zc6lzorNAAZTikH4c4o7ACkAdvg8Wtze-amMN0wEuKpe56652rS_c5laX9tqn1-yBBo_moPPrPl4OgIAAADzUgAAAAJoAQeZA0JWaDOzm715U4vrc2zz3KLPday3FHSBZmQIbLc675XNduCD2-MDTI-mCcWOyeHcWwlYInrs4byf4305T9n6vWM0P7ZSM11Jfi3ejm9mnBTvcMlT6OpjFjOUAG98znwomOWyK1KrAb1m6AfKkRYgjKndzOx43Pst0XOx7Ac6N-LTwrrtR8xaNo1m3reAOFesWwDQhMXz963f-JcBNdMxaUZVYi1A218tZ-0bd4hLREkmMk1Hv8tRenlaJ4KpR-t6XoGqJZgk7_KRiV7phO0EZEPKvXfPUKiRPh6CNhRLR4FES-VIjqqz-DyA4SOvGfQh4wxlOGMoytdoGuM-htzwH4OFpWz7FBcA2a6y-NJCBxp6SMXIx0w0TzdEniR8vCnW6elSVzE_xoLn56FlHULCIOBpFM9tsszVhnP6mhbr0D0nZnd6O0g65LTYkItGPdX9FcbemmF90jGoeA-0chQRuvxzqgPNf2zjP0_OCm1FK4z2g-eP3ftbmvxbm_ietRBjJMLPqficbUjwZ_KBlpTAbkcciu_6DkgMgpbyjhltl-F3LQueMENhD-xMHyNRBeajkWNi9Gqu1E_HWwihlFamvnfcYsNpcUyIH18n3o5-CaAe5y259UidjfCAFXA5BaebJG3c-rR6JRR5dJkUo2w6V5BaDemfb2Ig_Q5RKe2Hz8Cyiwy2lhIXwdCKpTKyvLcAaL08thHkr_y-TVfiCAv9O69vZbEEYkrM4BJ3sPuatzhm9c4HVJnXppCemKFHRUwbBiXZgyRYLQ3cbbiW8XQHLoEmjFRG5p2vZV3VNvL-OuHTjdgPMxDYeWZBq43961_hIb_aIqLlPnrY43VRsliQfuzTbobeGqfGKmiVP2F-M53FeaQy8VAI0FOsKmBlbsCoBCAsPXyeO2YZZJsNl9CsAw21r3Cag-2x3LbiOH57S0zEADcAOVD1hKZM2zGThvj-lfmNMKrG-lmtpguu-fcovshwhxB8vl19iVI6GLMKNIyulLr6oZo0c7BkYR9MHGe5qHrnB7vx0mACAA_HMR2nuSqeFihC6wPVtK96ULxrt8D2lDM-g3dktCsKNuTSzFZcjeATHvBsL796aPK5Zq2fOpOYDmQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame D275 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 13:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Sep 2023 13:57:59 GMT

GET
H3 200 lv_1450x2355_2209-anf-l5ab0ad63-2fec-47ec-915a-9314a54ef652.png
s0.2mdn.net/4528404/ Frame E220 96 KB
96 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lv_1450x2355_2209-anf-l5ab0ad63-2fec-47ec-915a-9314a54ef652.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6067f128772b9d71f329ce6cc3ac2fe681715b14b84abff7bc0b3a11a05a01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:00:05 GMT
x-content-type-options: nosniff
age: 80710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98036
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 11:39:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:00:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 416A 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BucHMuh8cY5bfEtqy3gOCiovYAwAAAAA4AeAEAg&bg=!ExClEFTNAAZTikH4c4o7ACkAdvg8WgUuXy8mP3FZn3y_WTgGxdqjIn6CVcN4wsfUqkIgEh8Hpne5RgIAAAEJUgAAAAJoAQeZAyK1tlVmUidJBQw4Oqa1OCH_TVrW-Eybav8OqVTbFNpyQXDjYztV2CgJWdlrWtkrxxkj8H4n1r3hSYps2FkRmdzyi8kDDJBriNOHTT2CDY9x-Fabj-ewMoRlUr2bhMzxq0zXZ2U7uydOQaXPSjJMtyXrWVfAOtna2hcr-SWneUkxfEqQPlz4-D2BXF658-K0yPwfsLbLAC95WSA6zTppOVJQrt-7fRIiZFN8ZTqFAHzXAZ0EGv9FPekaia0wLfUYvC1jcrcWBPTYBpgZ8jlo4khVz578GirGn3VzSBHLV4JOkLlgXfKGMDD_bhHB5iigS6lZEnsD2LOmsgHjKeGkUyxqZfkz-_wvobvweIwwmvX9aA-_7rPvx8V-s2ceBZpcN5-sD-K-gk7A2ud4uQ0YKFbse7E3Z7n7ZB0GHW7K_2KzGzA39IIoBNSvtD0XWwnnIcC5F9SgxP4rN_IP1gNjYjPuM06ukIvLDe7DVftTx1iL3uGZOwVdWUQrhQCfLgt4AS19Exy_TTcJMcQGSCv85qs-GPGjxiobMnQvxPKRV0sxFzrJI0-3h7GifH7nK0aqaX5FIARxtlqN8-e-rsE0aX8AcMcIuF14YNyvFOHRST8JEUNSjVW1h-zRtvKhU6WtqbFuraMQpFtODc_xbOzymgAANLAaqNetRXUA6BM2Gz6bmQbOIhRCKJ7sZwQodZa8oKlBfmJhQRtVJVPCB9f4yflhny0RNgruPoUKBnHBpVtN1083nWGDqU3Ajyzm8ytrdmVtyAmmemKvRpdcY0IsDokxn8JRouoQHo_JKhn4MibHDsk2MWfMsodrMnOIWBD5rZl-M9AI6ZQamFzwdNGrlJynelZ-tcoPsvv0kVHvOa7H_NW3jHLuu62zvaMlGegb2GjQ2b1WhJCmNPFitTl74N3LbDInFYJCR7z9bqT6QpFJPmyMsQ_QEMPq_EdHMyKUYSU0DAOh8g3sna86ftloPg9KSSQq7Y4T2-_GqJ6cLOxe2h9KPIeLect1-CPT7aGOHYsIc1KKquVYqENHBQPtCiwbyqudwItUxTOFA9H66yhDSDax

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022090601&jk=2367235302713423&bg=!T0ylTAjNAAZTikH4c4o7ACkAdvg8Wj0OAaHsmqFIvCichS3hIr0ZxeEQ_unn8YANuS039xB_Em2KOAIAAADOUgAAAANoAQeZAtvbucG5RSYGiXWbQCvWlNJLblcUEv8A6vOuIMfHeIZn_wns-CrqgLoxAC9jnOx-GDgW69GTekgxrZqkDp5gfytCGOETE-bhKKzN5VeH8jG_4hn4bzlkZr0tTvivfhx5Aw5tDISn5MEvgr0Mc_Hr8wIZdcsMb1UNQOrFI0KibIbZBpRmO_C2P78WSJ3_B_xnC1MtNzkGrcIhx10cFcnL51aOHxnwGK8_32t8bZm9ggVYRjXOT4HrgldEnfypl4OJUQybGbVH1OBJQlD3EXMxqOMC7jH8QarJouMP7CVzgyUn3CW-xBeiKGZwNJHgsuykBiy2f096y9crscKkM9Wok_8zaJS-kCAutKnX_9Mz4m31uLZLpSuo8AOeLYQKHV6YMlny2vJOm-iKwomUYC-yzSVz0gNShbtSM_wJDtibadqAGTi_PMjhy_599BUbzwkzFNBoRQTDxTB0PV-siFkV-1xhurs8Wnndyl4sR6Skb8kLnL1IfDqmsDaz-MxpjjtOq7CxzUK9S_xfWs-i1_TBIq2YOjfw1yoXV2de0gy5A6KF91qH-9Edkr8uh0I7cg5Gd0ddrIbNH2wQvx-TT0ausjkZBUevDPzrfGZwoTPkACK86Wv9E6QJnHBbolPbVO5ZMJ88_UdjqjGvt2O2jwIvcORGv_ZhyQMRaYcS4n2LFY3JX4xjVCKqVOT0uHBbdE1ugtKm5Co-VZqKAtZHm-uHT1TEwxZE7azOybs4p2CIG26Ih3HKFqCse0cr1e0gVRKhz2rURBK2J36a3ubOIFlPLBf8iiym08GXY3J9XX8tPX73cwfGf9WGf8qe5v1ABtI3BxQYFqcwsHg1XKlbtIECI_zVIofPHjc-iz53s6fdneiesbGavNW1PHwJHe4SpxmICldHBLa7etR8W7_U0rnaQbYdIV2uHU4SBuFAyI7L49MqM_O56aRAYXNM0eES75j2Czu36YK2xq9v3fdP9g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F920 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHQSCY6Z3N0gAwEjnPltGP0Z0zeO0PQxAiCK6cGsS5582EKPrK5WkDfhtHWQ6zbS70uAWm9eyd19oEus_hih3M64E6UnFX2R986L8n9awZ69-VB3NB7ka1MhlW7bCEtOjfq2hKPrY&sai=AMfl-YTtSN0UUnkSYHHfR5c_6ykppXZ5Qe06FRRbFHdqSM5Ug8dmPCKbl99g0z4sRcLJzmC8BsrzF0K3T_wTWpk7MZgqEq385MpIvSa-49BhPGJceHotI2CZhM5r03inc_-E&sig=Cg0ArKJSzABRdpPOYEVMEAE&cid=CAASKORoYxAfSDNk7Ec1vCfOtQpTmKZ0NCLmQk1Yr5bs7o_d-DeeGtninVQ&id=lidar2&mcvt=1027&p=20,867,128,1595&mtos=0,1027,1027,1027,1027&tos=0,1027,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=125477129&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662787513548&rpt=1069&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CE9 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuMsiVV5LYKbchw0EYv_bu98Dt4aJL2wGbgbeR_IzDrZRAPHL8thK3SfL_yGCa5ojHVw-ED4Kqz0OwECBR-oi1VdsseRHAzbladRWzOyk1idZgdU8ANV7yG5DtXvBM_DhhBlAQBj8w&sai=AMfl-YSvTUwqXQRdyx8kwra3vTic2UP7cqM-6snsaT8K6npziN34FyCN-Sv0rMQJlIwT3WQ6253MLaXDr522DfLk6uNcej6rtN9SinQYhTaJJzg4g13Mo_F1W7arzTVsReYV&sig=Cg0ArKJSzN7mVK2-sUAlEAE&cid=CAASKORop0XaACDIVKs3nDIWFz2fixpl5hr5Ay7LVHKj3dsSKka7rh3XOLw&id=lidar2&mcvt=1030&p=996,225,1036,266&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=987977118&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662787513565&rpt=1074&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F80D 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssugTgwO1oou7C7ZQod4c8EyicoH6ObzsF8Rc2YtzNuBpYKE4qFkH5wpthF-uYMEAYFqr4gcJZJLn_yDDBY7YUGJ1hx09FU7dTbB8RgUtDZdu0JplkAsc9AD9mgx-PFjF_hz5Kgq2Q&sai=AMfl-YRM1A5A3A3-8zUxLFYeyvEvLDz6RQ1lQzu_SUwrHI5GSkWk9RkBM-hdPsp2r637i0M1xfMg-1WKJ6NjrFGEmzJ39oTt2iCVrJub9ol26j9VJPO3PcixsuYtWyRxemp-&sig=Cg0ArKJSzLbuoSAABt3oEAE&cid=CAASKORoEkFWPSXG6G_MJg3DTWcb619iTenaXv_0zAEyZTeusgqI0tST_rs&id=lidar2&mcvt=1025&p=770,592,860,1320&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20220907&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2042815370&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662787513582&rpt=1103&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 32ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WW5GLB1G9F&gtm=2oe970&_p=1527073726&cid=1902994991.1662787513&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1662787512&sct=1&seg=0&dl=https%3A%2F%2Fwww.unknowncheats.me%2Fforum%2Fdownloads.php%3Fdo%3Dfile%26id%3D38109&dt=UnKnoWnCheaTs%20-%20Multiplayer%20Game%20Hacking%20and%20Cheats%20-%20v%200.228&en=scroll&epn.percent_scrolled=90&_et=8
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WW5GLB1G9F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.unknowncheats.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.unknowncheats.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png
s0.2mdn.net/4528404/ Frame E220 29 KB
29 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/lstoerer-gbplus-2zeilig-2e91d4246-1605-4a87-9859-d3ceefaf6787.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10725954732868190736/index.html?e=69&leftOffset=0&topOffset=0&c=c9UlZxmgZx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 07:07:15 GMT
x-content-type-options: nosniff
age: 80283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:03:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 10 Sep 2022 07:07:15 GMT

GET
H2 200 dc_oe=ChMI_KL2mL6J-gIVkMq7CB1ENweGEAAYACCQvfdKQhMI-Pi1mL6J-gIVoJ79Bx3Y8gm-;stragg=1;&timestamp=1662787518262;str=Show%20Slide%200;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 0CE9 42 B
494 B 197ms
44ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_KL2mL6J-gIVkMq7CB1ENweGEAAYACCQvfdKQhMI-Pi1mL6J-gIVoJ79Bx3Y8gm-;stragg=1;&timestamp=1662787518262;str=Show%20Slide%200;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Sep 2022 05:25:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.unknowncheats.me/forum/	1970-01-20 14:38:43	Name: bblastvisit Value: 1662787512
www.unknowncheats.me/forum/	1970-01-20 14:38:43	Name: bblastactivity Value: 0
.unknowncheats.me/	1970-01-20 05:54:33	Name: _gid Value: GA1.2.1968797278.1662787513
.unknowncheats.me/	1970-01-20 05:53:07	Name: _gat_gtag_UA_9795118_5 Value: 1
.unknowncheats.me/	1970-01-20 15:29:07	Name: _ga_WW5GLB1G9F Value: GS1.1.1662787512.1.0.1662787512.0.0.0
.unknowncheats.me/	1970-01-20 15:29:07	Name: _ga Value: GA1.2.1902994991.1662787513
.unknowncheats.me/	1970-01-20 05:53:07	Name: _gat_advallyTracker0 Value: 1
www.unknowncheats.me/	1970-01-20 06:36:19	Name: _pbjs_userid_consent_data Value: 3524755945110770
.unknowncheats.me/	1970-01-20 05:53:09	Name: __cf_bm Value: LJH72l_A4rwJrV4BQWeoIgEtzTkul4WkQ.ABSfNdQDk-1662787513-0-AZsKW0Z5VbwkozplowM0jWeMnjVW5otcnQAqz4pkWO1Ih5lVmS1eX47XSLo0NICXwmoI1TWdpOBk1hWsEK4Dk+As2710YgDnzBOmbuDFqxLsq0kD/CsnKavsZVXEU3UpuA==
.unknowncheats.me/	1970-01-20 15:14:43	Name: __gads Value: ID=f616e6ab112ceafc-225fbcc11bce0026:T=1662787513:S=ALNI_MYw-6zKl1JW0HPOxTYAsffrt4XEsA
.doubleclick.net/	1970-01-20 15:14:43	Name: IDE Value: AHWqTUmXHWisX5IbzhAjycQ_dgqiv17qvd9iAow46BCebBZSxFiWhIx08QvSVuNsFsA
.casalemedia.com/	1970-01-20 14:38:43	Name: CMID Value: YxwfuoivwJnruoGfiAJuggAA
.casalemedia.com/	1970-01-20 08:02:43	Name: CMPS Value: 5140
.casalemedia.com/	1970-01-20 08:02:43	Name: CMPRO Value: 5140
.adnxs.com/	1970-01-20 08:02:43	Name: uuid2 Value: 755344809429904978
.adnxs.com/	1970-01-20 08:02:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In6mm0sR!]tbPl1M>e)ZlrFUfJ+tGXxo7Ij1vE@-lZYMVvkBH_o$Rjv<EZskN9.meO3If)y3KL9D3I?-%1n3_<
m.exactag.com/	1970-01-20 08:02:43	Name: exactag_new_gk Value: d57e2b5284ed4c9bb63a71b8c97e0ed0%7c09.11.2022+05%3a25%3a14
m.exactag.com/	1970-01-20 10:12:19	Name: exactag_new_uk Value: f4bbb57f6e204ebdb0bdd0411d07c043%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 9b0ae9eb439b4e7895ded3b6
.casalemedia.com/	1970-01-20 08:02:43	Name: CMTS Value: 1151
.demdex.net/	1970-01-20 10:12:19	Name: demdex Value: 32857328772215789742522514988321084728
.skydeutschland.demdex.net/	1970-01-20 10:12:19	Name: skydeutschland Value: 32857328772215789742522514988321084728

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.amazon-adsystem.com
c96ea1d41c82c81a001846353bbc8487.safeframe.googlesyndication.com
cdn.adligature.com
cdn.id5-sync.com
cdn.viglink.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
lb.eu-1-id5-sync.com
m.exactag.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pro.ip-api.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
skydeutschland.demdex.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
tagan.adlightning.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.unknowncheats.me
104.18.18.126
108.138.4.10
141.95.98.69
142.250.185.130
142.250.185.98
142.250.186.66
162.19.138.117
18.202.123.230
18.66.147.50
185.89.210.212
2001:4860:4802:32::36
213.202.235.8
23.35.237.56
2600:9000:223f:f800:8:48e:53c0:93a1
2606:4700:10::ac43:266a
2606:4700:20::681a:dfb
2606:4700::6810:a10d
2606:4700::6811:190e
2a00:1450:4001:803::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9c
2a06:98c1:3121::3
35.244.159.8
51.77.64.70
52.19.103.22
011f276e353a87985f02124d4f119945d850a48190f0d32febec79a9d967e721
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d337d49eb4b17b33203922587439006159115bfc95708424fc18175a6cb2ae2
10981f8f2382369aa0e2033491f5b532e3e238719185364406e3891ee7339f4e
125f6de14c750fb35215c4ca49651563bad0b395af17a15a7da0ed532db24c7e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
183f9a7c5ffb8321d9ba11e68c274f4060d0c9efc87275402a94c41ba5f59a04
1a7c50c9e79b96b7dada2619f651493cbbbd3f2a4a7f67f1e07dbfccab64b9e1
1b6db38d6efcac0437b7eb841161dd6f5cfa113d6d3962271601ad2313fe7a16
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1fe879a8c447cec343ca5bb31772ba802bab0da4b82e0f00434bbc47b0f775ef
1ff696ac63133a691e51ad6088b48b5cea9f7d47e770e89e05e8c2a4b2011f40
210415b78a14ae0ea35a1128937bcbf750649cafaa4d26dd4b20abf9125f76c6
218fdbf4bd6797db4267dff86452c06b5938c8750f3bc26333736d03a63f7899
22751a98f97cc17346b7ced826f337ca6c7c99112f86316ca26c5f2258b6fda8
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
255c05faea25c9b0aae0bf6039ee72987159009d2c2fec984ee4c9f9a0964943
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29613220adae0f4ec529fb7ff252d75145c96e7566461642579f4f491eb3ee4f
2aae4f410c27527c02500e382865378fbd3bb7156f70fe2ae65383cd62fcb72e
30bf0a4666d1d3b78111dd607b466bfbbd06eb7eba869d9fe50f04cfcc104e61
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3494aa511521699cb90ce58b95524b7632254270e6dfec8e58a8c0c13105d568
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
3a4188c3c29f92b11b547ebf10d80c8ed9a3db7be8e2fd2835d9377c2c5f9fa7
40a72ff7f1dd333f42733db6da235b86f461544b2acc8d948262aed68319fe9a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43eee97b916f7cae9cac6a504204f9b845ccb1c760f882bebd36fd6138948fca
44bcbe7df51c5d121237399d1e2c80d6599ca37bc0ca62bdf263418bbccebcb6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501bb607d8da868754e65c42b551b6e901a463ad707d8125a47f8b4c1c17e266
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b53e5480adae13adc097a86f283b9bd76e8cee1ae5fcac898453018559ac65
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5b6db1339b1c98d5aec21b4a60f1060e4e0a10a8b295e111af6f2d870f5e554a
5d59ed52c51b0badfc13e95ac916e50649bf71d6b1757fda2d2a0843f869f26e
5daec86e296b73a5efc0d38d2ba51810c6be5e1d9f2344ea43d087285f145bbc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626098edcd558fc88cd24eb43250c892716f0031061670882bfcebaac8f985fb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e4ed9f4271f22c3bb4405155731f16c131e71d4c752060017496c0bbd2d5c85
7043d321ee1a74e0a34293a2c6bf7fb1ba1bad79767060c798a5a99bb0f6969b
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7a48498f5db8ae8a7624a0150932e184eb1de17b6e2407d237aba929a60102ff
7d5f9f6239da37de095976ec70063415783c0cd27b80123c29d77f3811a39733
7dd295e8bad964edf9f03a9ca51f9ea53f0f8c9630ef30fc0a00b532fcccb2a9
7f53cd5bc59f5238abacda44b318fc949159b0988351d407c0b3f286966e7731
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8171a9ba93396b21620ab0b268e56035cef7dc572a3d77300de3b539104dc24d
83ebf7f0b1e78f2ba2ca24fc449f48d8dd6b8f4fd314238861d469de5d46a5cc
845b4623bab575a3308ed69b25c29ff17f62aa418a7f309672052d5388302a2a
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
87aaed4f3916cf62500d91addfbee22555632283e0202262fcada2474d32bf1d
89058cf3d1914bb7d7d5286f79d8de9a868fea9733286649be7677f5f47b234e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d502b243768081a6be115640575cf13d65d403c40ccb83a6b576bd3411d7311
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9896cdfdfda3c17dad2b589e4a9f4d7c5887f8232222ca4c4f4317cd46311254
9aebf5f9493bf804a640a36497b5b28da385f28a8c45751c5838ee1f7c0624e1
9d2475aaa70c3d241c85f61b88a1c6d0b758710433c350a455f63b0c5fd3e29a
9e4c9fa319c28b6e082e0072585fb0ce1e0ed273902d63365fb798a2f476d872
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0297b3ea37cda46af5a08ed89b1563987e6f6a233286e1a373668776134841c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a790865503f382061ada25a1455e527a41ee12e12c227e9f328cd750db5f8366
a8185b3d295a4f2f10b24390f8b03bb594fcd55e3fd28155d26be26e0067f641
ac1f8c2a4ee7c0ee40acb4937d0459e1e290abfa8229c4b7fc4d7992858e1cd9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b12111d1db30cfb68442bc875e68a72c540a669c067954bfecff8fa5b02b5b0d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b274b33bfff219d321071de0b11e81c361b48532d38a9bfa2c5f9fa6c5a45f34
b3b8bbf477cc5f4448f15bcec10afbded3707219ccb6244448b85e0854c0de11
bf582157bbcf94a71f11d871eb8ce1d392d16023bab93914eec2d6c7eadb903c
c2989ffa1d43e198942b6b750b81c31a6fb185d87c743c293a607297c68e976e
c436c070b4846bddc3edcd9b1a64b2847af21d3725bf4e9e297c978db85259b6
c6067f128772b9d71f329ce6cc3ac2fe681715b14b84abff7bc0b3a11a05a01a
c7494c2d9f986202f2787a1d59e2efe56a0215048ee7f1e362196f1caff435b0
c76be96ebfe8065f9d9bbf58b776f1f94e356da3065cd21780a9a8a94de8b58e
cc325f9498e5b125164b69e749089343df7d0fc37d5cf74997c0af76e0c5491b
ce2fcedb8e9559c36759ed08297739454ae14353379d363384ef9b70be101b66
ce67b0786f14c7c1861eebd94f6557072e99e50ab95176a2f23d7444c4dc2741
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d466a4b2b852286223f23f149a78587be16f7b24eb507fa9268bcccd6d60bc0d
d60ac51e1dd2fdfafad172caf265be346e4317931a4bf598c321f35a3fff87dd
d971a5af684aadb07a5d6de884a15be6ae8b674aa4dd1f9738b8452ab4f6ad21
e0033715ccc8dd908987ecda5a544489f0704396de686e26be88ddfdaa2a9294
e15c4d4645646d56934e639cd1e1750ac098b435fbc3b7839173e8c5d5aee62b
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e368951bc5918b3d9fbc8205bfdf0d8be8b79da09b457bb113307063f3b1bc89
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e43c7992b7541625c9c0f5bd7f46f406b5a979ae90668eb9c1f01db5911e363e
e658790158fe348fcc8d328c7c8bd06aa42ce2cda12823e771cf04d21185ef88
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e882b3b7f584cd5c2e75afb5d35ebfd4c07858c5edee1e0837624a7ae31ded29
e93109a64ad8bd320a4a07a4af3b339d2dee9d30f10479a74b33ee9a7e59993a
eeaf7add3eac1012ec3ee5fc79379c7feb1ec7f20a86322c5393a434670a531a
ef0423678b64273b3ed7c54d42b196336fbf0d0114fd7b018fe3848fcc42478d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa230a3973395419cb2746d720c89db14d28401636f48514642360656c172ce
f2af2ccfb0f7f6add44a04c4f53ced657e2e1ea4c584a2b9d965228730ff7515
fa9999fc7002f0cbf3c17e4f493982047db8918c5bfd1a7169eeb7e3b4a455d6
fad40d5a22112d71b39845206a3c24384a5fd2aba357ef8d7e9b107419b23609
fef68fef77694597945cb94ee1809714617af5341e0759626547a4385807f9b8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff8ab39af19317c451ca38036367565d7716697378a7689b8e12d0ebaf2e24da

www.unknowncheats.me Open in urlscan Pro 2606:4700:20::681a:dfb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

193 Requests

93 %HTTPS

58 %IPv6

25 Domains

36 Subdomains

36 IPs

6 Countries

2821 kBTransfer

5807 kBSize

22 Cookies

2 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.unknowncheats.me Open in urlscan Pro
2606:4700:20::681a:dfb Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

93 %
HTTPS

58 %
IPv6

25
Domains

36
Subdomains

36
IPs

6
Countries

2821 kB
Transfer

5807 kB
Size

22
Cookies

193 HTTP transactions
3 data transactions