minecraft.nagoya Open in urlscan Pro
2606:4700:3036::ac43:bd6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://minecraft.nagoya/
Effective URL:
https://minecraft.nagoya/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On May 02 via api (May 2nd 2023, 5:35:18 am UTC) from DE — Scanned from DE

Summary HTTP 148 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 26 IPs in 10 countries across 26 domains to perform 148 HTTP transactions. The main IP is 2606:4700:3036::ac43:bd6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is minecraft.nagoya.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2023. Valid for: a year.

This is the only time minecraft.nagoya was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:303... 2606:4700:3036::ac43:bd6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	199.232.148.157 199.232.148.157	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3 17	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
5 7	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	54.93.45.240 54.93.45.240	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
148	26

4 2606:4700:3036::ac43:bd6d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

minecraft.nagoya	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.148.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.116 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.45.240 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-45-240.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	608 KB
36	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	232 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	140 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	6 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	343 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 607 fonts.googleapis.com — Cisco Umbrella Rank: 119	34 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	4 KB
4	minecraft.nagoya 1 redirects minecraft.nagoya	46 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5261	818 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1159 syndication.twitter.com — Cisco Umbrella Rank: 1451	131 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	21 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 908	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 6958	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1248 s.tribalfusion.com — Cisco Umbrella Rank: 2774	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062	587 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	61 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1886	351 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 7904	551 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	875 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	612 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	72 KB
148	26

	Domain	Requested by
37	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
27	pagead2.googlesyndication.com	minecraft.nagoya pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
17	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net minecraft.nagoya
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net minecraft.nagoya
8	www.gstatic.com	googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	minecraft.nagoya	1 redirects minecraft.nagoya
3	image6.pubmatic.com	3 redirects
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	platform.twitter.com	minecraft.nagoya platform.twitter.com
2	www.google-analytics.com	minecraft.nagoya www.google-analytics.com
1	dsp.adfarm1.adition.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	s0.2mdn.net	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	ads.travelaudience.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	syndication.twitter.com	platform.twitter.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ajax.googleapis.com	minecraft.nagoya
148	37

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-08-21`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://minecraft.nagoya/
Frame ID: 35315E0062CEEB5B6BA59A74189D09CB
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html
Frame ID: 7E76840A6054D87BBDA50F9128137340
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fminecraft.nagoya
Frame ID: 9502DDF39C915C497A97A1D27D62B446
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&adk=1812271804&adf=3025194257&lmt=1683005713&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fminecraft.nagoya%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005712959&bpp=604&bdt=173&idt=870&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3146917329212&frm=20&pv=2&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=886
Frame ID: 790507C0A7C161C9EBB7F9DE4248DDC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=200&slotname=4471336796&adk=537440905&adf=854766408&pi=t.ma~as.4471336796&w=1110&fwrn=4&lmt=1683005713&rafmt=11&format=1110x200&url=https%3A%2F%2Fminecraft.nagoya%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005713563&bpp=13&bdt=777&idt=285&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vYdYhsyMX2&p=https%3A//minecraft.nagoya&dtd=289
Frame ID: 14683D5E00A758BD6E2FCA4EFE92C3E8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8
Frame ID: 244AF7C8AE4D59A7DF86D84BAF134F7E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=90&adk=377016393&adf=2556572655&pi=t.aa~a.4118573133~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x90&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=1&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200%2C1110x280&nras=3&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n7lofGT3aU&p=https%3A//minecraft.nagoya&dtd=13
Frame ID: 8427508964110E5CF6ED7695B40E8A87
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: 7B17EF783D3223C492B733D3DF9290B1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: DAA046EFBBD0B2C9E3DB9AEFAAC3900D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7CEC7776B736F5DF795E082779512A2C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6BF3DC510ADBBAAF1603458B982DAE57
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Frame ID: 60A7C961900A5185D87000543CAE20A6
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%89%E3%81%98%E3%82%8B
Frame ID: BF1DBB14A7813BA7EA60132B25E6CA8A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 37FE98819D14AFD430D27DEEDDCD8935
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: 587C5F7279D1B1A3AA18D6079AB15E03
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: 7E7B6570AE0B376C3B532D30BEEE0C94
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: C4D171E16C6AFA1E75AF210D06C93350
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: D5B225D123538F6F8BE5D61EB59684EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIDc4ecBMAE&v=APEucNWlc8mJDmaWRjULJ7rJpXBixKHVJMARzkEJiU1t_OvEugNXx_MphbOG-jSGvWnGR8u62bldtnbTLo51xFJO5V32StK_BpwVYQ1g1ABCZ-L8tfj1nr-xjfl_3ntJgQ4QRQm8DEZ5v32UlUXJx_5alQuLV5yD9bks8KSA74fd40wxOjDJxng
Frame ID: 4E0C43192F53EE17502B6B594D57D62B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5AEF750058C4A83613DE4211B9250A2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js
Frame ID: CE356C15CC2EC9E20BCE25BD88491B09
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E4A28279D5879BB9DFFA063EDBDDED12
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1717CC0C895AEB906F56989A3B116A52
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 196F842017F18FBC5C01F15B8D2D951A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D64F81FE48054F9A6D0C218CC142EFC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Minecraft.Nagoya

Page URL History Show full URLs

http://minecraft.nagoya/ HTTP 301
https://minecraft.nagoya/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

89 %
HTTPS

58 %
IPv6

26
Domains

37
Subdomains

26
IPs

10
Countries

1693 kB
Transfer

4851 kB
Size

26
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share
Title: Twitterでツイート

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=http://minecraft.nagoya/query/
Title: Facebookでシェア

Search URL Search Domain Scan URL

URL: https://twitter.com/syokkendesuyo
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://minecraft.nagoya/ HTTP 301
https://minecraft.nagoya/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&C=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFChE6mNTdNneTThFBV.AgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&google_hm=2

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBLRUnKKv4b9aVgmB_IYuPE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLRUnKKv4b9aVgmB_IYuPE%26google_cver%3D1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM3MTIwNTI3NDgzMTY0Nzg4OA%3D%3D

Request Chain 117

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA2NISKCr0OehxxzXJmlgBk&google_cver=1&google_push=ATf1kGMvcV7jmGxIBKHbkdQOX6jkeYmLdn4K7v20wALQGLhBRrb20Y_dOnuHKaKKAPvcvyM_hc7Bxm2gwPMVbrsGMnIHjgtieqC0jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMvcV7jmGxIBKHbkdQOX6jkeYmLdn4K7v20wALQGLhBRrb20Y_dOnuHKaKKAPvcvyM_hc7Bxm2gwPMVbrsGMnIHjgtieqC0jg

Request Chain 118

https://ads.travelaudience.com/google_pixel?google_gid=CAESEE2fugvQ227Kn3klGEpGBdg&google_cver=1&google_push=ATf1kGN7cJsQYtGZuPTaok1cxxi3En4V4EzMIFsAQla2x4UHQ7G2xmJ8a2eJBZOHIudEojHCl5bBoBbvhOZqnkh7ee4EjUo2PMeV HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lifrINI0R_iMbHA3Kg9hQg2&google_push=ATf1kGN7cJsQYtGZuPTaok1cxxi3En4V4EzMIFsAQla2x4UHQ7G2xmJ8a2eJBZOHIudEojHCl5bBoBbvhOZqnkh7ee4EjUo2PMeV

Request Chain 119

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELHeAcDnrg-Ap3YgmGV581M&google_cver=1&google_push=ATf1kGO8VFJrJGwwkt-r_1ZT6ShYK3CjeGR2YHQYPtw1KQpoot7mc0lhQUIDCz3CUrTRJsyuQ50vjomAjloVDd4Q9PTBjsn0Brijvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO8VFJrJGwwkt-r_1ZT6ShYK3CjeGR2YHQYPtw1KQpoot7mc0lhQUIDCz3CUrTRJsyuQ50vjomAjloVDd4Q9PTBjsn0Brijvw&google_hm=eS1CWEllaHY5RTJwRzhyVUNKRldQa2lpd09kcEZZOWUxeH5B

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELM-m4TYg1RWGu9SSIUBcF8&google_cver=1&google_push=ATf1kGNFaJHIli_B3gDl2BRIucQT6XBCmazPn-VF2LtywwuSsSfuXV0QYI1rMthNTo7k5XOWQiqr9NwAHI2Gz0fXvI4Wt3cNDW_FSA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELM-m4TYg1RWGu9SSIUBcF8&google_cver=1&google_push=ATf1kGNFaJHIli_B3gDl2BRIucQT6XBCmazPn-VF2LtywwuSsSfuXV0QYI1rMthNTo7k5XOWQiqr9NwAHI2Gz0fXvI4Wt3cNDW_FSA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8KUjo9MoQ0SxMyblL3kN1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNFaJHIli_B3gDl2BRIucQT6XBCmazPn-VF2LtywwuSsSfuXV0QYI1rMthNTo7k5XOWQiqr9NwAHI2Gz0fXvI4Wt3cNDW_FSA

Request Chain 122

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_cver=1&google_push=ATf1kGOHR7Nu9j-xFtiY8UbqLoTfMGzIjupkiIY8ofh71gtW0cGxGQwx_Gd9XjQ0kMj9IiGnqO7EA_sXg1qRYCkPu4Vq1AVHLTFo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_push=ATf1kGOHR7Nu9j-xFtiY8UbqLoTfMGzIjupkiIY8ofh71gtW0cGxGQwx_Gd9XjQ0kMj9IiGnqO7EA_sXg1qRYCkPu4Vq1AVHLTFo&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_hm=ZFChE6mNTdNneTThFBV-AgAADLEAAAAB&google_nid=index&google_push=ATf1kGOHR7Nu9j-xFtiY8UbqLoTfMGzIjupkiIY8ofh71gtW0cGxGQwx_Gd9XjQ0kMj9IiGnqO7EA_sXg1qRYCkPu4Vq1AVHLTFo

Request Chain 135

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cver=1&google_push=ATf1kGN1wxkKbRTzoflGBOrhx4Zbcu9issiO41yVDbALkPfmhs4n7jTXf0ALyo7SjfpQW0UAkHCQ7cZlyEgCmEQBM-SvOhc7M6H3tA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cver=1&google_push=ATf1kGN1wxkKbRTzoflGBOrhx4Zbcu9issiO41yVDbALkPfmhs4n7jTXf0ALyo7SjfpQW0UAkHCQ7cZlyEgCmEQBM-SvOhc7M6H3tA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clhaMnZPbkIxUFRJRnQ1&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cver=1&google_push=ATf1kGN1wxkKbRTzoflGBOrhx4Zbcu9issiO41yVDbALkPfmhs4n7jTXf0ALyo7SjfpQW0UAkHCQ7cZlyEgCmEQBM-SvOhc7M6H3tA

Request Chain 136

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPZVjsWMErnjeT1eKNmKppY&google_cver=1&google_push=ATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPZVjsWMErnjeT1eKNmKppY&google_cver=1&google_push=ATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 137

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO9ldJWOdyFM_7aXaDO9a38&google_cver=1&google_push=ATf1kGOhIcwKU9J0giJhKiRiXfnfNfmkEe0JtE5eCzeZHgvuImNkedh5QWNWXqiSPlRpRdgcdWXRRWAAv33qi1IonQGsBZ03b8eBj5I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODQ1NDUwNDkyMDk3MTQxMQ%3D%3D&google_push=ATf1kGOhIcwKU9J0giJhKiRiXfnfNfmkEe0JtE5eCzeZHgvuImNkedh5QWNWXqiSPlRpRdgcdWXRRWAAv33qi1IonQGsBZ03b8eBj5I

Request Chain 138

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELHeAcDnrg-Ap3YgmGV581M&google_cver=1&google_push=ATf1kGOuP6rGbJT7v-76_ax0u2nvprDpHgM1eso7PI4hNDh_JdAsYEff0dpl45DoS19d3RPE5ClQq6R95GDBPBnkqKV90P71RHXOxnM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuP6rGbJT7v-76_ax0u2nvprDpHgM1eso7PI4hNDh_JdAsYEff0dpl45DoS19d3RPE5ClQq6R95GDBPBnkqKV90P71RHXOxnM&google_hm=eS1CWEllaHY5RTJwRzhyVUNKRldQa2lpd09kcEZZOWUxeH5B

Request Chain 139

https://d5p.de17a.com/cookies/google?google_gid=CAESEF74fXQx2lAIv6dKjaw_tDY&google_cver=1&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn7-jLMsmM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEF74fXQx2lAIv6dKjaw_tDY&google_cver=1&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn7-jLMsmM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn7-jLMsmM

Request Chain 140

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHbtkvei_FKEIlfWGyNkS_E&google_cver=1&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28RNDe-Egv-E_mWNlhCKfTYbNw HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHbtkvei_FKEIlfWGyNkS_E&google_cver=1&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28RNDe-Egv-E_mWNlhCKfTYbNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk1ODUwOTE0MTczNDE0NTY2Nw&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28RNDe-Egv-E_mWNlhCKfTYbNw

Request Chain 141

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELM-m4TYg1RWGu9SSIUBcF8&google_cver=1&google_push=ATf1kGNxrQ-ilYuvwJ1aZfe9U88usk8m9pCd1PMOG6n5gu95_mcyLxg9Z-KCSv4B4sWyglUoKzUeQRYK_ktLn9H2ff1ibWcinmlgeXs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nDawW8KdTt-LY963v9n6Hw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNxrQ-ilYuvwJ1aZfe9U88usk8m9pCd1PMOG6n5gu95_mcyLxg9Z-KCSv4B4sWyglUoKzUeQRYK_ktLn9H2ff1ibWcinmlgeXs

148 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
minecraft.nagoya/
Redirect Chain

http://minecraft.nagoya/
https://minecraft.nagoya/

7 KB
3 KB

553ms
509ms

Document
text/html

2606:4700:3036::ac43:bd6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft.nagoya/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 88a95882581fbaf9d0d9e44f5707f6dd1bf350eaddd791b463fcec00017d69f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7c0de645cd9c3623-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 02 May 2023 05:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml4pDtQjbkqGsOuuQ5DBkX7Pvevxa3vesrCZk0lwhuv95Smv6WxDtaEFI9Ehbx9nNFTr3J0PhyayRsf%2BcCHEbe7XOEhisH8vgV8HoHCDOQMEfORaPAejYXafqWv%2BIFF0feKAgixurqMHCZuuYcOf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 7c0de64549972bc1-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 02 May 2023 05:35:12 GMT
Expires: Tue, 02 May 2023 06:35:12 GMT
Location: https://minecraft.nagoya/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROYbkl7AyGrOFqB10QM1wk4HF2dZIpPLOowKQgahQy995%2FXjDMYPwRe%2BBaNjM71g2LmSlCFLhXSXwBLp1ofToEVIuI4Zm8GvElZylMModXyenF1o9wLWBq7O5uaYHlfPu9GBRf90UaJpTW%2FEwFKd"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
47 KB 128ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c433b337c1f2767f0de7736f2bf84d9d5068ea2a0eb6f1a638f7b9c35eaf0a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47273
x-xss-protection: 0
server: cafe
etag: 9715043916670036947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:12 GMT

GET
H2 200 bootstrap.css
minecraft.nagoya/css/ 189 KB
26 KB 754ms
753ms Stylesheet
text/css 2606:4700:3036::ac43:bd6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft.nagoya/css/bootstrap.css
Requested by: Host: minecraft.nagoya
URL: https://minecraft.nagoya/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f6a852ea922e4e8b7b1699f790cd73ee3ff02b6d65c2bf1abf392c8f88b582

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Aug 2018 11:57:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2f4c1-5b62f1b4-e353c99ffae6730d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYdBhptMQ9DP1x6RkQfT301T10uF9p4Tau4hR5Hu32TXIeQtz7rYQ9G%2BnFUo8izcAwWdDvo%2F2vFJdWTqIsrmCvwdC0MfKkhBOWHkOwXAsgs90wlOQy9HFG155qdJkiAp8ZxiacM3AQ%2F5D5eiKPcR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7c0de648f8943623-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 05:35:13 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 07:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Apr 2024 07:34:42 GMT

GET
H2 200 bootstrap.min.js Show response
minecraft.nagoya/js/ 57 KB
16 KB 724ms
723ms Script
application/x-javascript 2606:4700:3036::ac43:bd6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://minecraft.nagoya/js/bootstrap.min.js
Requested by: Host: minecraft.nagoya
URL: https://minecraft.nagoya/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bd6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e2d8-1dc09d84-1ccae3f2ab65a54c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDiKbDR7knpEWPDAuPRWM%2FToYvj9TTeUV4jDQ5c3g%2BhlnF%2BVc3%2B8YLkUk73lhQV5BC1Sa8ve1zHsz%2Bf8zowi8I8T5KOUpaf3tK0G%2BAjmrcRUhe83AzG9X19ov7NHcs706nMyG8dAfdfKzSWK66GD"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7c0de648f8963623-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 09 May 2023 05:35:13 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/ 354 KB
119 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6667105062117622&plah=minecraft.nagoya

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eceba5c1b7d5a48dc8ec0773f2d84b3ce2fdf725933eda1fbea17126e2c6ef90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121996
x-xss-protection: 0
server: cafe
etag: 11492783817161306711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/ Frame 7E76 10 KB
5 KB 69ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:45 GMT
etag: 2378337311435320485
expires: Mon, 15 May 2023 06:47:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 02 May 2023 05:05:04 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1809
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 02 May 2023 07:05:04 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 100ms
26ms Script
application/javascript 199.232.148.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: minecraft.nagoya
URL: https://minecraft.nagoya/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.148.157 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 27630
x-served-by: cache-iad-kiad7000096-IAD, cache-ams12741-AMS
last-modified: Tue, 24 Jan 2023 21:41:51 GMT
etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
222 B 27ms
27ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=617088275&t=pageview&_s=1&dl=https%3A%2F%2Fminecraft.nagoya%2F&ul=en-us&de=UTF-8&dt=Minecraft.Nagoya&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=614486004&gjid=1711939788&cid=1412944886.1683005714&tid=UA-33884010-4&_gid=2037168531.1683005714&_r=1&_slc=1&z=139755686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

14a49d3789d9242d33d48bf8b536a6cc9b5a17eb21dcf90b289ed5015a8c339c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraft.nagoya/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraft.nagoya
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 89ms
29ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-33884010-4&cid=1412944886.1683005714&jid=614486004&gjid=1711939788&_gid=2037168531.1683005714&_u=IEBAAEAAAAAAACAAI~&z=587575747

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://minecraft.nagoya/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 02 May 2023 05:35:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraft.nagoya
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
72 KB 85ms
37ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-65P2VB0SET&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a160163eba6007a47cdecdab07ec5d3d2ec6e793774d44a1e36708755a28260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 02 May 2023 05:35:13 GMT

GET
H2 200 widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 9502 320 KB
103 KB 27ms
26ms Document
text/html 199.232.148.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fminecraft.nagoya
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.148.157 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105435
content-type: text/html; charset=utf-8
date: Tue, 02 May 2023 05:35:13 GMT
etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified: Tue, 24 Jan 2023 21:41:13 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100105-IAD, cache-ams12741-AMS

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 9502 799 B
641 B 186ms
122ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=6dedefbfefd2dcd9ca6dda50e4bb86010fce03ad

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fminecraft.nagoya

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

647019f8c96503afffc80d4a4c6f140ba772320ff4814695ceb455761dfb25bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 102
date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 02 May 2023 05:35:13 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f7736b65c9f21009
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: e1567779352d34830aea9fef7e2a56271320c0dfca2864e568f411fc4a735b08
content-length: 321

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 78ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-65P2VB0SET&gtm=45je34q0&_p=617088275&cid=1412944886.1683005714&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&_s=1&sid=1683005713&sct=1&seg=0&dl=https%3A%2F%2Fminecraft.nagoya%2F&dt=Minecraft.Nagoya&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65P2VB0SET&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://minecraft.nagoya
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
612 B 82ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=minecraft.nagoya&callback=_gfp_s_&client=ca-pub-6667105062117622

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6667105062117622&plah=minecraft.nagoya

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

794c39fc5a469edc267bd06213a221854a3c741de8221e185f141dc432619adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 261
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 94ms
30ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=minecraft.nagoya

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=minecraft.nagoya

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7905 504 KB
95 KB 639ms
638ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&adk=1812271804&adf=3025194257&lmt=1683005713&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fminecraft.nagoya%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005712959&bpp=604&bdt=173&idt=870&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3146917329212&frm=20&pv=2&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=886

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84f2a35a6292cf7ad1e43ec9603349fe37590bf693d11d1a76af48e52c3ee8b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 97351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:14 GMT
expires: Tue, 02 May 2023 05:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1468 108 KB
35 KB 533ms
533ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=200&slotname=4471336796&adk=537440905&adf=854766408&pi=t.ma~as.4471336796&w=1110&fwrn=4&lmt=1683005713&rafmt=11&format=1110x200&url=https%3A%2F%2Fminecraft.nagoya%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005713563&bpp=13&bdt=777&idt=285&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vYdYhsyMX2&p=https%3A//minecraft.nagoya&dtd=289

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c69bfc0b19c4f2d1eb6451e4f2847ce1455baa9463fda89a0dff54625c62f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35656
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:14 GMT
expires: Tue, 02 May 2023 05:35:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1468 9 KB
1 KB 79ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=200&slotname=4471336796&adk=537440905&adf=854766408&pi=t.ma~as.4471336796&w=1110&fwrn=4&lmt=1683005713&rafmt=11&format=1110x200&url=https%3A%2F%2Fminecraft.nagoya%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005713563&bpp=13&bdt=777&idt=285&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vYdYhsyMX2&p=https%3A//minecraft.nagoya&dtd=289

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 04:18:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1468 2 KB
846 B 83ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1468 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COf2fEaFQZLLANoe0ywXVpZ9Y4cX4zm7xpYuKuQjAjbcBEAEgtuO-RGCV6o6CnAegAcixqc0DyAEJqAMByAPLBKoEzgFP0DGWDvbrYNVBlmv6uTroEHHoCttLekeB-_nffr_3i-fL0vL1_CvXM7l76TUEMqpiwLNwXXjdTAiCoCcsgTWVcJvkfqbP0as-CciTfKpq960ofU31aHEMvv4fzyI6dmVC-0SSVvb9NR1R7eZTwArzGUBNm6qJGRZPNGN9h5_tEXInNIfS4HPkj8Hu6__HsFHVLRs70SR0aY-3FYrIeDijPZHz1ozV8EdrByoirEY55Bw318fdwRqsnbBUkAKOy-uvdIXjYTO6cY5lxpp-3MAEz_uxgvQBkgUECAQYAZIFBAgFGASgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDIlh7SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUFtAVAYAXAbIXHAoaCAASFHB1Yi02NjY3MTA1MDYyMTE3NjIyGAA&sigh=WKtX35C2QK4&uach_m=[UACH]&cid=CAQSGwBygQiDjFpXjIbBseZajYI_2Bv4Dbl5g3sbUBgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=200&slotname=4471336796&adk=537440905&adf=854766408&pi=t.ma~as.4471336796&w=1110&fwrn=4&lmt=1683005713&rafmt=11&format=1110x200&url=https%3A%2F%2Fminecraft.nagoya%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005713563&bpp=13&bdt=777&idt=285&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=541&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=vYdYhsyMX2&p=https%3A//minecraft.nagoya&dtd=289
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 05:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 1468 22 KB
9 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1468 3 KB
1 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 1468 19 KB
8 KB 72ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1468 160 KB
49 KB 97ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 1468 32 KB
14 KB 87ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 1468 9 KB
10 KB 85ms
37ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 07:01:17 GMT
x-content-type-options: nosniff
age: 81237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9591
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Apr 2024 07:01:17 GMT

GET
DATA 200
OK truncated
/ Frame 1468 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1468 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1468 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d17a3e6528beb63aff730be45579dea592f4e960ece6d0b6c1daa1ddef1340

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/ 148 KB
50 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304260101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee5932bea2ae4239b9f2f5193f46427d7ada7db0bf299b1646a1c20e9008a2c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51494
x-xss-protection: 0
server: cafe
etag: 4900799611035833453
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=minecraft.nagoya

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=minecraft.nagoya

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 244A 104 KB
36 KB 806ms
806ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b2f6d7b6819c616dc6530caa4a987a9f7f37f7fef279dae62124b75c26a8240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 36637
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8427 18 KB
9 KB 764ms
764ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=90&adk=377016393&adf=2556572655&pi=t.aa~a.4118573133~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x90&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=1&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200%2C1110x280&nras=3&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n7lofGT3aU&p=https%3A//minecraft.nagoya&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7c03a67df15cb013a2b10103e5a694d2f5620cd05c0195c2205c4b078e90624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 8701
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 1468 29 KB
30 KB 81ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 198524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:26:30 GMT

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B17 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=minecraft.nagoya

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
34ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=minecraft.nagoya

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame DAA0 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Mon, 15 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 7CEC 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Mon, 15 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 6BF3 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Mon, 15 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/ Frame 60A7 10 KB
4 KB 25ms
24ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:49 GMT
etag: 2378337311435320485
expires: Mon, 15 May 2023 06:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DAA0 5 KB
732 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 03:50:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DAA0 205 B
294 B 24ms
22ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 04:31:53 GMT
x-content-type-options: nosniff
age: 3801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 May 2024 04:31:53 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DAA0 604 B
919 B 23ms
22ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:25:22 GMT
x-content-type-options: nosniff
age: 11392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 May 2024 02:25:22 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame DAA0 12 KB
5 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8beabe16b2d22cfd6e99cf22b11e1cc4c8e09a2d1d48c3ada8602eb387e7713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 13:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5511
x-xss-protection: 0
server: cafe
etag: 9409473563932297666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 13:59:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame DAA0 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8031
x-xss-protection: 0
server: cafe
etag: 4566461469134147509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:31:57 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7CEC 2 KB
799 B 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 7CEC 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7CEC 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 7CEC 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7CEC 160 KB
49 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 7CEC 32 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6BF3 2 KB
799 B 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 6BF3 22 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6BF3 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 6BF3 19 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BF3 160 KB
49 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 6BF3 32 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 60A7 4 KB
718 B 33ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 04:32:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 60A7 2 KB
799 B 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 60A7 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUD7HEaFQZPWlNpuAxdwPgO-gwAzhxfjObsa9rZShCMq6jPG-ARABILbjvkRglQKgAcixqc0DyAEJqAMByAPLBKoEzgFP0JBT0aDCVS5DZRINy8Sp1flQK5uqdnoshkhC5PvvhIsBMv12IQ4DwqwT1FiZ1ZOgtSCGhzz2VqnVVY0xCsZTZPzG9uhVUGTTwXhW8qLoVOA3XrRkljQjKBc_wG_Wl7RiSloYhTOch9dB4r2THNmstYDkKco00BPJaXfyj7Mn5v_z9-QWNGFkJpFFfZU8TQjbPv9HlRc4al_R9q-NkndbLEShazlKZ9zRIZhM3C1IxLUHyYO4DgVs_HKZGXx1IGYSvbNWz4Wh2tJcs-ZPIsAE2KSrsecBkgUECAQYAZIFBAgFGASgBi6AB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC08QbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwyIFBbQFQGAFwGyFxwKGggAEhRwdWItNjY2NzEwNTA2MjExNzYyMhgA&sigh=CY6mJtqcy4I&uach_m=[UACH]&cid=CAQSGwBygQiDylXc0alZ7uS5o2GGBJwmoWxyjKS81BgB&template_id=484

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 05:35:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 60A7 22 KB
9 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 10:51:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 60A7 3 KB
1 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 60A7 19 KB
8 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60A7 160 KB
49 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H2 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 60A7 32 KB
13 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/13275614622470783077/ Frame 60A7 13 KB
13 KB 28ms
24ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13275614622470783077/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257a2c7508baa19693d8fa2a393c81afe3039547ef42f1f2a1ac574df28df1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 15:38:48 GMT
x-content-type-options: nosniff
age: 50186
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12867
x-xss-protection: 0
last-modified: Wed, 06 Nov 2019 09:46:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Apr 2024 15:38:48 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4115433537657581692/ Frame 60A7 2 KB
2 KB 27ms
24ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4115433537657581692/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aba72ebe76783eb13a713b86a7b1176777103ac6c67d9cd02562351cee04ecf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 07:00:28 GMT
x-content-type-options: nosniff
age: 81286
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2164
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 08:48:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Apr 2024 07:00:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BF1D 249 B
267 B 34ms
34ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%89%E3%81%98%E3%82%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3a4f88e910ae8c02a8ea28994983972195bab4636486d751b1820ae8880969f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 05:35:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BF1D 9 KB
921 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 04:22:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame BF1D 2 KB
765 B 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame BF1D 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 10:51:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame BF1D 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame BF1D 19 KB
8 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF1D 160 KB
49 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:14 GMT

GET
H3 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame BF1D 32 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
DATA 200
OK truncated
/ Frame 60A7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cf67aadd9bc4754c19b371b62c5283306af75fe84f2c3b674b3fea5ea63d8b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37FE 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:09:32 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 587C 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E7B 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame C4D1 36 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 37FE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

35ms
35ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230426/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:15 GMT
expires: Tue, 02 May 2023 05:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:15 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame D5B2 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8427 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVOp9442zVMEnYX6sGiMw8pQo9dVOLmXCZSH2V0vnmzpan2t8xKZZwxywlKnGfKlSoB_GCoFYe_NdJFv1kXYeb4rg6O9IUxVDdAORozkdHJd9xpuo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=90&adk=377016393&adf=2556572655&pi=t.aa~a.4118573133~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x90&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=1&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200%2C1110x280&nras=3&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n7lofGT3aU&p=https%3A//minecraft.nagoya&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8427 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16827013859277562168&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8427 78 KB
27 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 8427 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 8427 19 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8427 0
0 29ms
28ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPHXQZDTdwnZjf3zHitFrdSoZcK4fWKJLKXWluNotrXn2GaRDHoYtpGl68tOBVddJYcno5wBQeEpDg5unUKUTba2McxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=90&adk=377016393&adf=2556572655&pi=t.aa~a.4118573133~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x90&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=1&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200%2C1110x280&nras=3&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n7lofGT3aU&p=https%3A//minecraft.nagoya&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8427 160 KB
49 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4E0C 624 B
245 B 65ms
64ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIDc4ecBMAE&v=APEucNWlc8mJDmaWRjULJ7rJpXBixKHVJMARzkEJiU1t_OvEugNXx_MphbOG-jSGvWnGR8u62bldtnbTLo51xFJO5V32StK_BpwVYQ1g1ABCZ-L8tfj1nr-xjfl_3ntJgQ4QRQm8DEZ5v32UlUXJx_5alQuLV5yD9bks8KSA74fd40wxOjDJxng

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=90&adk=377016393&adf=2556572655&pi=t.aa~a.4118573133~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x90&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=1&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200%2C1110x280&nras=3&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n7lofGT3aU&p=https%3A//minecraft.nagoya&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:15 GMT
expires: Tue, 02 May 2023 05:35:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 244A 9 KB
921 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 May 2023 04:17:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 244A 2 KB
765 B 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 244A 0
0 67ms
66ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSZfPEqFQZK-UJLq8kdUP-bK2sAz2683bYJ7bl4qqEcCNtwEQASC2475EYJXqjoKcB6ABz_yA2QHIAQmpArhJv7UzZ7I-qAMByAPLBKoEywFP0NqzwAkZw7YcTg5s-giw3meSembbntx4LLeBW7HK4eIwmxncoDyAthGEJk-ifiyehXxsGulqoA1SVUJOKVkyikWwRC741k2NG8S9hdPbQamtq7W36BaIhb6mC8vrYB-Gbb3VtU9rFNOcGwB3pAFLphgcWwmRxQxHoBnW_CKklEdGYxhGDs1ILvyEZBUTeklnV4Hiz6FliQPWH66_lQo-a9wABh1IWzW4IC401zEEJdqKqeIWBFdS8j1Kx84NfdNTOcE-C67EzP8GhsAEhKq-jdADkgUECAQYAZIFBAgFGASgBi6AB5mD_6YCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQvMcF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNjY2NzEwNTA2MjExNzYyMhgA&sigh=kPk5pbb2kQM&uach_m=[UACH]&cid=CAQSOwBygQiD2YiVjOqPCw2Q3nrbGo2R9uxPso21Hu9Pjy23RyybZqSjJzp_VZKQrZpG_JFsI3GYbLu8_yDjGAE&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/9709174070550266014/ Frame 244A 35 KB
35 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9709174070550266014/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c30723a8e9b61d4b0f728eef929b8134697201c8e72c2c65a74978c005c6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:19:11 GMT
x-content-type-options: nosniff
age: 18964
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35870
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 11:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 May 2024 00:19:11 GMT

GET
DATA 200
OK truncated
/ Frame 244A 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 244A 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 244A 22 KB
9 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 10:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8751
x-xss-protection: 0
server: cafe
etag: 8024400250147624166
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 10:51:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 244A 3 KB
1 KB 36ms
31ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 16:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 16:46:12 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 244A 19 KB
8 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:01:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7966
x-xss-protection: 0
server: cafe
etag: 10783182253924109600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:01:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 244A 0
0 33ms
28ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0MFcn2RBn37vRWWL7eu19JqNSewQnjv0f5JVXYtzuqtX5Q_omwDmBJPuHUCUthvCFj2iDvK2GfL0zV59mTLARypHbug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 244A 160 KB
49 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3 200 dc885651c24f3a38cf2b2dda4c5c7197.js Show response
www.gstatic.com/mysidia/ Frame 244A 32 KB
13 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 00:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 20:09:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 00:42:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&C=1

43 B
766 B

25ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIDc4ecBMAE&v=APEucNWlc8mJDmaWRjULJ7rJpXBixKHVJMARzkEJiU1t_OvEugNXx_MphbOG-jSGvWnGR8u62bldtnbTLo51xFJO5V32StK_BpwVYQ1g1ABCZ-L8tfj1nr-xjfl_3ntJgQ4QRQm8DEZ5v32UlUXJx_5alQuLV5yD9bks8KSA74fd40wxOjDJxng
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E0C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFChE6mNTdNneTThFBV.AgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&google_hm=2

43 B
766 B

22ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIDc4ecBMAE&v=APEucNWlc8mJDmaWRjULJ7rJpXBixKHVJMARzkEJiU1t_OvEugNXx_MphbOG-jSGvWnGR8u62bldtnbTLo51xFJO5V32StK_BpwVYQ1g1ABCZ-L8tfj1nr-xjfl_3ntJgQ4QRQm8DEZ5v32UlUXJx_5alQuLV5yD9bks8KSA74fd40wxOjDJxng
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM6PIFiu20Py9XYNLepkqfM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 4E0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBLRUnKKv4b9aVgmB_IYuPE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLRUnKKv4b9aVgmB_IYuPE%26google_cver%3D1

43 B
1 KB

31ms
31ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLRUnKKv4b9aVgmB_IYuPE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNTh_a4CELX1oJkEGIDc4ecBMAE&v=APEucNWlc8mJDmaWRjULJ7rJpXBixKHVJMARzkEJiU1t_OvEugNXx_MphbOG-jSGvWnGR8u62bldtnbTLo51xFJO5V32StK_BpwVYQ1g1ABCZ-L8tfj1nr-xjfl_3ntJgQ4QRQm8DEZ5v32UlUXJx_5alQuLV5yD9bks8KSA74fd40wxOjDJxng

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
AN-X-Request-Uuid: 56bd366e-e255-4c47-8a13-cc93dc6a96f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
AN-X-Request-Uuid: 3bb1f57a-f9ad-4e1d-b9c7-bd805b680341
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBLRUnKKv4b9aVgmB_IYuPE%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E0C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM3MTIwNTI3NDgzMTY0Nzg4OA%3D%3D

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM3MTIwNTI3NDgzMTY0Nzg4OA%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 02 May 2023 05:35:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.19; 217.114.218.19; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3c4aa226-194c-4340-883f-360c7c50b5b9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjM3MTIwNTI3NDgzMTY0Nzg4OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8427 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2273981098475&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8427 0
20 B 55ms
54ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2273981098475&version=m202301230201&ct=76&x=1&cor=16827013859277562000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8427 66 KB
31 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlMiDZIJFSWWJAvUdpz9v6dSLn340ZjNAzNNPFnTVvmCAOBUYmctPM7SSBjx1YgwVeQ-X3HCXBB1CgtOHwOy0pY3P9Gg&cry=1&dbm_d=AKAmf-D_LImBbV-pvcimsMla9dGhtbT-_fvLSrB-6qLVO3im0k0adLZg7WRAxBDVvxTqF0ywHCXxoGwimv0H8fnt9F5fGxLEHEUB_LqPrMFEqGGyzLSI0dsfAAbGqogWHHRhX4fIXlZLEQihQEgXLdFhbfHP_A4Vrss6Tjxm9PjREiIAdbdleJuOQUi6B-OI0fOvm13W9Hccsugw6l4C3ske95Hm80UOE_y6zeKI-3iOs5AV_kGIM7Mso_Qt25N0dtxlwLTXWys5M05VGMOcEk55vuW9EHeRBrRL38npJ1axF686vtmc3PoKfQW_-c0VTguFCIKeXbRegZaN95IhlzNHr-vrFeziqiTxjbZeHQUMRqjZjXUM9Z2ekF2Sp4wTJledXjXkoIIYrmhERY8-_O9t2PTas4ReqbQFxCr3MrPovp3A5ydTVHCAVthagFtrVOBYL_nuuNaHLCPhWxhPy0ft4RKJZS_islCWzgIs9sThfiXSpTZJZLo7U0xsmMBM8NF-d2hpPlgRkEAdWr0JJtHOR9XV76Sdrvgh4OnftAJV0Q9TpYNDkRMYBj7_I5HvAutSOSAAIQYtMHCa7TJxxCpFWuoYrh5ss__IHXsKGwdFq3MspWzG3KU6kt8HrE5HWhU6EJ5SY0m5fpELpo-DUDiIAp5VhJ_rED9FJ87E8N6WivHFUsFPQ5TKFLxNKA7n_v0G346UuKrxRZwm-RaKHVB5XdMC-P10sKSVfbVY4l6NSt5tp7zDd04tnsaaI5wvJWgpoSGZAQCN3AVw18VwmJRWt0OJIKJJZLz99WGRzhZTztJx7CNgoPkE2es5bbgx_8rmRaH9Vq6HGzyFAHOWUxS6RT3_KpiMpRWhVHxFamTBBWo2x3Dw0eKluJTgBoNVxHsnkjmyp8mJVLBIxai1Gy-KYp1rgJkJFnaYfB_YT1EWXhlD5cyD0olWNe9eaLU1Tdpugx8lfC824Q9vsgwOnW8SOuMBelCYn_WrZWCxJtm_a-3dyhMIXR_FmG3u-8m518mnJKweyBfTsaHWgbA4CaXuHXyXj1M9cFNznVr8LKshotEIGq8c-HtGWD4ghPUsYqQaejaLSflU0mXa0ws9cRxXBiWT-4F6MvR0XyrgmYHe4EYa5qg9SPzv8kwmQwB0vJPmnA_joM9biwE22iuEfbzjuwdvsFLoxVjEUxC75xNaUswaoRWylHB4NnHCOphq8EIKrEDSnPgT5yVwXTWu6gM9ZDqCrL4ucdfBjbdggQICmpKTqNxY8w_QX5_rIaedAncYfKFr9Arv_v3gJ9uVccKd9x7h4vhPvwmawXt0lRGb9M1zKTo2exvz0EPq4X8s1ZiaPNujaWdFDVS3iG2KSrcKKwi563tjIoTFZvYml9hZa0VaqeVKo7Jp4RUml77ItqNF3Hp5ATaNM9oUoHJNURz9BTHFjtCaQGvPRlO07cDfZ-kX_8GoT7w1ANoEjJihphKxjujfWvx7CUX4jXRV4OFlQc92qKvcnOJK4mxyVO6LKc8gxCIvWsaJdGpJsXs5PzyIA0gs8fUapPb5PkXpluolFgkZrCi_qdWuUh_4ueaIsJjVAMRHAalWsZIT26bpnDHIWEFVpEE1oMHA7D_SXWsPl91XaX4iMIkP_fYkW2BkLeUoGEyUjEtZdyuiCO4GK2-4p5cTF6K1V60hlUuMrG0cudZNEXSuKWJWPpEQUc_lh_sp1R8EtzkkeTZR1MtQyYxKSvM-3ndl_fN6k3ZsMmZ6LZs71kOk2IxzS1aTI3fa4wM3vAD-dS48nx9kiuUJtfgLh-doueH17QWvOvfnFjA_SoR6PGbn8v4fIpioYv6-pcQ3fM9L5IFm2_jPBdKxG7B2m1lBoCEAQucuS8WdsF7cihSlgCvsII_jeHjQLGAVhCUwczdxaJpqGESVY9_K-G13oEGH3q_99E57ar1cSiZLHpVTTilvtWq-hVX0Xv08xiAiI9sSLuC96lpP9LKB5vkYXsNFpVUOo6PfXeWaQUCavGjR-r7w63k7oqtyIx_m16w6xw15AYXXxnqoDYqfAoYaCRjNSeH0Y5P1KxGwuOqMCyWpWluQpmK0hArEeNIJqO2KTz7AZXvfEiNksUzIeJGophntRPuTqyEmHs-pXP4KS-SwLJfriOEptlKwn6bRZaSfnu9zsx2oAsy8O6ubrMpXRVYefr-gueAVkpQMxDTkuzqGZg2zDlyc7nXgWtpKDxBC9GLIxn8gzZJRiezw3fFCkTH46K3NbMLjoxTy2rcHwlF1hTTohraHu3-mvOSZCCWo_9bjOgjEnysvSsF6QZ969KYrjCIv5pIq4tUHJfFiT4Kp1N98DQwNimGIA5D0T9K3aU9zb6yWBXcPK_tfsue-HqWdxc6ZaFsf2dP09KIqafxt89tAkolBnxLDN9I3CmSbZ6PNSHEBKmETxSCG_zy3jYd0h1cgHCvjGaS58zgNzjw4GS_YikR3uY4_dlF1EraAfvvRtp60QzO35y4xAsYQ73KgN8VzeehgNuKXGoQ266iCBpvVUAenrXl9XmZsIrwwdWBkKrsxbsLnLzCUy47aXhdimbL21hFUHw-bwHjDCUa9bMLB3yL1tjkIZwlpKPhDugxHRLIOjktgyT4H_VpTnd12TAy7sHjEwt0owHUKIvGb_r8WFtJnvWF0m0RTBIGf4eAXavA8jAe2cVsNwpbiCXquKnLDLBkHBH1nHVYFJ_DdQ7qQ208FHwEGR9c2o3B80s0G1DE9iCjrFKNSOvZrF1NdQ0vDK1zyR8MFDuUj00fDUOyKuERVB5ZagYvFTkUFGBZXR2rrwdWUUbRh-3NSXcyqtTxo6RMV1QL-LpppomuAT3P0XZlbr4dhqZFVPSZiUBjZt6GwSK42c-kLVHlx8pu_iNEEtFanDFx8dbejwvtJu6tthOU7pq0H4mTLDJ-yR5JoiA68fp2cHMnAkNxKaoP-5ONrvL7s74cZnWCeEKt-t4ALQXAr2ONtKV-wvdcQnUCBE9ippGdZ2USeBnxF7yLaK6TQKh4iS_csL5rnGO0zpIyVuutw3K1osXfzMbeotOSP-BqlUo0AAMj967c4TGQhk_rMvbVAMH_b7P9VdMuma-44tgUuEAaOvMZzppANKExey8UawkIyBXCsR92m15Oh6463-QsqlfrJVo1VleHPEV5gp38ndWM48JekujoBuoJ9JKunb4CleH8fKXN7m3_ofUZHTP_-RT1g3sC_m5afTsNqi5Xo1T0xkRkKIdnFRGxop8LnFBRX-UFpN-IecabgFqMCmUVV_xZaUQ0cSkr7_I8vUkbSM-znGZWO8l8CFDTKflMGnI_S60InunmTIiiEqh92&cid=CAQSOwBygQiDfgaRmks1jyRTOKcGdnJNyiKw_j1ya15xpzRV4iEHPqRHR8ysBEa5P4FLFYH_cAePD-qS4-0XGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fminecraft.nagoya%2F&ds=l&xdt=1&iif=1&cor=16827013859277562000&adk=3047537735&idt=78&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab646913981bd4d59bf0d361024dd254cd33c256b65d45817b91aa1b8ff98e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=90&adk=377016393&adf=2556572655&pi=t.aa~a.4118573133~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x90&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=1&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200%2C1110x280&nras=3&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1890&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=n7lofGT3aU&p=https%3A//minecraft.nagoya&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31293
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F5AE 1 KB
643 B 26ms
21ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:50 GMT
etag: 48472445140208031
expires: Tue, 02 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 244A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0b883956435119f647b57e5d2e7df987fa6c51c1a487c25bf0107d256cab3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 244A 29 KB
29 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 22:26:30 GMT
x-content-type-options: nosniff
age: 198525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Apr 2024 22:26:30 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame F5AE 0
104 B 221ms
84ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIl8njwyO7zbLkT_dbrMl6o&google_cver=1&google_push=ATf1kGOCA5TN84o5PV43WOwKFJWOHybngh3goAnsECC7wDPcc2crkPbsQAYpTGpI9g3l4DJ8sI3f6pOs4VbwL5hOg7F0YIqMsF7lYQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEA2NISKCr0OehxxzXJmlgBk&google_cver=1&google_push=ATf1kGMvcV7jmGxIBKHbkdQOX6jkeYmLdn4K7v20wALQGLhBRrb20Y_dOnuHKaKKAPvcvyM_hc7Bxm2gwPMVbrsG...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMvcV7jmGxIBKHbkdQOX6jkeYmLdn4K7v20wALQGLhBRrb20Y_dOnuHKaKKAPvcvyM_hc7Bxm2gwPMVbrsGMnIHjgtieqC0jg

170 B
188 B

34ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMvcV7jmGxIBKHbkdQOX6jkeYmLdn4K7v20wALQGLhBRrb20Y_dOnuHKaKKAPvcvyM_hc7Bxm2gwPMVbrsGMnIHjgtieqC0jg

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 02 May 2023 05:35:15 GMT
Server: MT3 830 785530e master cdg-pixel-x30 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMvcV7jmGxIBKHbkdQOX6jkeYmLdn4K7v20wALQGLhBRrb20Y_dOnuHKaKKAPvcvyM_hc7Bxm2gwPMVbrsGMnIHjgtieqC0jg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 02 May 2023 05:35:14 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AE
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEE2fugvQ227Kn3klGEpGBdg&google_cver=1&google_push=ATf1kGN7cJsQYtGZuPTaok1cxxi3En4V4EzMIFsAQla2x4UHQ7G2xmJ8a2eJBZOHIudEojHCl5bBoBbvhOZqnkh7...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lifrINI0R_iMbHA3Kg9hQg2&google_push=ATf1kGN7cJsQYtGZuPTaok1cxxi3En4V4EzMIFsAQla2x4UHQ7G2xmJ8a2eJBZOHIudEojHCl5bBoBbvhOZqnkh7ee4EjUo2PMeV

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lifrINI0R_iMbHA3Kg9hQg2&google_push=ATf1kGN7cJsQYtGZuPTaok1cxxi3En4V4EzMIFsAQla2x4UHQ7G2xmJ8a2eJBZOHIudEojHCl5bBoBbvhOZqnkh7ee4EjUo2PMeV

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 May 2023 05:35:15 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lifrINI0R_iMbHA3Kg9hQg2&google_push=ATf1kGN7cJsQYtGZuPTaok1cxxi3En4V4EzMIFsAQla2x4UHQ7G2xmJ8a2eJBZOHIudEojHCl5bBoBbvhOZqnkh7ee4EjUo2PMeV
x-host: tde-deliveryengine-production-69d487867f-6vc5z
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELHeAcDnrg-Ap3YgmGV581M&google_cver=1&google_push=ATf1kGO8VFJrJGwwkt-r_1ZT6ShYK3CjeGR2YHQYPtw1KQpoot7mc0lhQUIDCz3CUrTRJsyuQ50vjomAjloVDd4Q9PTBjsn...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO8VFJrJGwwkt-r_1ZT6ShYK3CjeGR2YHQYPtw1KQpoot7mc0lhQUIDCz3CUrTRJsyuQ50vjomAjloVDd4Q9PTBjsn0Brijvw&google_hm=eS1CWEllaHY5RTJwRzhy...

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO8VFJrJGwwkt-r_1ZT6ShYK3CjeGR2YHQYPtw1KQpoot7mc0lhQUIDCz3CUrTRJsyuQ50vjomAjloVDd4Q9PTBjsn0Brijvw&google_hm=eS1CWEllaHY5RTJwRzhyVUNKRldQa2lpd09kcEZZOWUxeH5B

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 May 2023 05:35:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGO8VFJrJGwwkt-r_1ZT6ShYK3CjeGR2YHQYPtw1KQpoot7mc0lhQUIDCz3CUrTRJsyuQ50vjomAjloVDd4Q9PTBjsn0Brijvw&google_hm=eS1CWEllaHY5RTJwRzhyVUNKRldQa2lpd09kcEZZOWUxeH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame F5AE 43 B
351 B 100ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO2Ia-KPFO4xVeUqoQ3oM3U&google_cver=1&google_push=ATf1kGP3OwMQEn8N5NJGGfOsjZSHm3hm9uEzwd3V8JeAnKtLaRrQJJqwp-yclevZMA75ad6xkAUeKEv4Y-JIOWFjBnknhVeJYR3x7w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6667105062117622&output=html&h=280&adk=3898524957&adf=2723329071&pi=t.aa~a.4118584550~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1683005714&rafmt=1&to=qs&pwprc=9570826514&format=1110x280&url=https%3A%2F%2Fminecraft.nagoya%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683005714555&bpp=1&bdt=1769&idt=-M&shv=r20230426&mjsv=m202304260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D154d9255d3c89d67-227c4f41b6dd0061%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg&gpic=UID%3D00000bf3cd2149b3%3AT%3D1683005713%3ART%3D1683005713%3AS%3DALNI_MYmxOVbpcCEq-lthveDompEJESYpA&prev_fmts=0x0%2C1110x200&nras=2&correlator=3146917329212&frm=20&pv=1&ga_vid=1412944886.1683005714&ga_sid=1683005714&ga_hid=617088275&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1384&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44773810%2C44759837%2C44759875%2C31073973%2C44788442%2C44789761%2C44790154&oid=2&psts=ABHeCvg_rXXaSNqtS_5Jwz-BaRNGes2UPiKyLmZcBlGPVXPTdUn08pRYX_TNnTCEBgG0Piowk6XXMWG6p8FIXzctjLiDNQ&pvsid=283296863923680&tmod=582782916&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eF2AM45bcn&p=https%3A//minecraft.nagoya&dtd=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 36nfvpfr3bmatc8kut1oh2b3rmd8kva2

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8KUjo9MoQ0SxMyblL3kN1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8KUjo9MoQ0SxMyblL3kN1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNFaJHIli_B3gDl2BRIucQT6XBCmazPn-VF2LtywwuSsSfuXV0QYI1rMthNTo7k5XOWQiqr9NwAHI2Gz0fXvI4Wt3cNDW_FSA

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8KUjo9MoQ0SxMyblL3kN1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNFaJHIli_B3gDl2BRIucQT6XBCmazPn-VF2LtywwuSsSfuXV0QYI1rMthNTo7k5XOWQiqr9NwAHI2Gz0fXvI4Wt3cNDW_FSA
date: Tue, 02 May 2023 05:35:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F5AE
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_hm=ZFChE6mNTdNneTThFBV-AgAADLEAAAAB&google_nid=index&google_push=ATf1kGOHR7Nu9j-xFtiY8UbqLoTfMGzIjupki...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_hm=ZFChE6mNTdNneTThFBV-AgAADLEAAAAB&google_nid=index&google_push=ATf1kGOHR7Nu9j-xFtiY8UbqLoTfMGzIjupkiIY8ofh71gtW0cGxGQwx_Gd9XjQ0kMj9IiGnqO7EA_sXg1qRYCkPu4Vq1AVHLTFo

Requested by

Host: minecraft.nagoya
URL: https://minecraft.nagoya/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIWna8-EwgLCTZLpY8G0Sws&google_hm=ZFChE6mNTdNneTThFBV-AgAADLEAAAAB&google_nid=index&google_push=ATf1kGOHR7Nu9j-xFtiY8UbqLoTfMGzIjupkiIY8ofh71gtW0cGxGQwx_Gd9XjQ0kMj9IiGnqO7EA_sXg1qRYCkPu4Vq1AVHLTFo
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F5AE 0
50 B 32ms
31ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnuHpimTEsdkPU27ucl5tsJxx0L8C4D3EZMJZmj6HB7WnBaQC6IfqKYU0MZGA0L_9fy2hB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 8427 28 KB
11 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlMiDZIJFSWWJAvUdpz9v6dSLn340ZjNAzNNPFnTVvmCAOBUYmctPM7SSBjx1YgwVeQ-X3HCXBB1CgtOHwOy0pY3P9Gg&cry=1&dbm_d=AKAmf-D_LImBbV-pvcimsMla9dGhtbT-_fvLSrB-6qLVO3im0k0adLZg7WRAxBDVvxTqF0ywHCXxoGwimv0H8fnt9F5fGxLEHEUB_LqPrMFEqGGyzLSI0dsfAAbGqogWHHRhX4fIXlZLEQihQEgXLdFhbfHP_A4Vrss6Tjxm9PjREiIAdbdleJuOQUi6B-OI0fOvm13W9Hccsugw6l4C3ske95Hm80UOE_y6zeKI-3iOs5AV_kGIM7Mso_Qt25N0dtxlwLTXWys5M05VGMOcEk55vuW9EHeRBrRL38npJ1axF686vtmc3PoKfQW_-c0VTguFCIKeXbRegZaN95IhlzNHr-vrFeziqiTxjbZeHQUMRqjZjXUM9Z2ekF2Sp4wTJledXjXkoIIYrmhERY8-_O9t2PTas4ReqbQFxCr3MrPovp3A5ydTVHCAVthagFtrVOBYL_nuuNaHLCPhWxhPy0ft4RKJZS_islCWzgIs9sThfiXSpTZJZLo7U0xsmMBM8NF-d2hpPlgRkEAdWr0JJtHOR9XV76Sdrvgh4OnftAJV0Q9TpYNDkRMYBj7_I5HvAutSOSAAIQYtMHCa7TJxxCpFWuoYrh5ss__IHXsKGwdFq3MspWzG3KU6kt8HrE5HWhU6EJ5SY0m5fpELpo-DUDiIAp5VhJ_rED9FJ87E8N6WivHFUsFPQ5TKFLxNKA7n_v0G346UuKrxRZwm-RaKHVB5XdMC-P10sKSVfbVY4l6NSt5tp7zDd04tnsaaI5wvJWgpoSGZAQCN3AVw18VwmJRWt0OJIKJJZLz99WGRzhZTztJx7CNgoPkE2es5bbgx_8rmRaH9Vq6HGzyFAHOWUxS6RT3_KpiMpRWhVHxFamTBBWo2x3Dw0eKluJTgBoNVxHsnkjmyp8mJVLBIxai1Gy-KYp1rgJkJFnaYfB_YT1EWXhlD5cyD0olWNe9eaLU1Tdpugx8lfC824Q9vsgwOnW8SOuMBelCYn_WrZWCxJtm_a-3dyhMIXR_FmG3u-8m518mnJKweyBfTsaHWgbA4CaXuHXyXj1M9cFNznVr8LKshotEIGq8c-HtGWD4ghPUsYqQaejaLSflU0mXa0ws9cRxXBiWT-4F6MvR0XyrgmYHe4EYa5qg9SPzv8kwmQwB0vJPmnA_joM9biwE22iuEfbzjuwdvsFLoxVjEUxC75xNaUswaoRWylHB4NnHCOphq8EIKrEDSnPgT5yVwXTWu6gM9ZDqCrL4ucdfBjbdggQICmpKTqNxY8w_QX5_rIaedAncYfKFr9Arv_v3gJ9uVccKd9x7h4vhPvwmawXt0lRGb9M1zKTo2exvz0EPq4X8s1ZiaPNujaWdFDVS3iG2KSrcKKwi563tjIoTFZvYml9hZa0VaqeVKo7Jp4RUml77ItqNF3Hp5ATaNM9oUoHJNURz9BTHFjtCaQGvPRlO07cDfZ-kX_8GoT7w1ANoEjJihphKxjujfWvx7CUX4jXRV4OFlQc92qKvcnOJK4mxyVO6LKc8gxCIvWsaJdGpJsXs5PzyIA0gs8fUapPb5PkXpluolFgkZrCi_qdWuUh_4ueaIsJjVAMRHAalWsZIT26bpnDHIWEFVpEE1oMHA7D_SXWsPl91XaX4iMIkP_fYkW2BkLeUoGEyUjEtZdyuiCO4GK2-4p5cTF6K1V60hlUuMrG0cudZNEXSuKWJWPpEQUc_lh_sp1R8EtzkkeTZR1MtQyYxKSvM-3ndl_fN6k3ZsMmZ6LZs71kOk2IxzS1aTI3fa4wM3vAD-dS48nx9kiuUJtfgLh-doueH17QWvOvfnFjA_SoR6PGbn8v4fIpioYv6-pcQ3fM9L5IFm2_jPBdKxG7B2m1lBoCEAQucuS8WdsF7cihSlgCvsII_jeHjQLGAVhCUwczdxaJpqGESVY9_K-G13oEGH3q_99E57ar1cSiZLHpVTTilvtWq-hVX0Xv08xiAiI9sSLuC96lpP9LKB5vkYXsNFpVUOo6PfXeWaQUCavGjR-r7w63k7oqtyIx_m16w6xw15AYXXxnqoDYqfAoYaCRjNSeH0Y5P1KxGwuOqMCyWpWluQpmK0hArEeNIJqO2KTz7AZXvfEiNksUzIeJGophntRPuTqyEmHs-pXP4KS-SwLJfriOEptlKwn6bRZaSfnu9zsx2oAsy8O6ubrMpXRVYefr-gueAVkpQMxDTkuzqGZg2zDlyc7nXgWtpKDxBC9GLIxn8gzZJRiezw3fFCkTH46K3NbMLjoxTy2rcHwlF1hTTohraHu3-mvOSZCCWo_9bjOgjEnysvSsF6QZ969KYrjCIv5pIq4tUHJfFiT4Kp1N98DQwNimGIA5D0T9K3aU9zb6yWBXcPK_tfsue-HqWdxc6ZaFsf2dP09KIqafxt89tAkolBnxLDN9I3CmSbZ6PNSHEBKmETxSCG_zy3jYd0h1cgHCvjGaS58zgNzjw4GS_YikR3uY4_dlF1EraAfvvRtp60QzO35y4xAsYQ73KgN8VzeehgNuKXGoQ266iCBpvVUAenrXl9XmZsIrwwdWBkKrsxbsLnLzCUy47aXhdimbL21hFUHw-bwHjDCUa9bMLB3yL1tjkIZwlpKPhDugxHRLIOjktgyT4H_VpTnd12TAy7sHjEwt0owHUKIvGb_r8WFtJnvWF0m0RTBIGf4eAXavA8jAe2cVsNwpbiCXquKnLDLBkHBH1nHVYFJ_DdQ7qQ208FHwEGR9c2o3B80s0G1DE9iCjrFKNSOvZrF1NdQ0vDK1zyR8MFDuUj00fDUOyKuERVB5ZagYvFTkUFGBZXR2rrwdWUUbRh-3NSXcyqtTxo6RMV1QL-LpppomuAT3P0XZlbr4dhqZFVPSZiUBjZt6GwSK42c-kLVHlx8pu_iNEEtFanDFx8dbejwvtJu6tthOU7pq0H4mTLDJ-yR5JoiA68fp2cHMnAkNxKaoP-5ONrvL7s74cZnWCeEKt-t4ALQXAr2ONtKV-wvdcQnUCBE9ippGdZ2USeBnxF7yLaK6TQKh4iS_csL5rnGO0zpIyVuutw3K1osXfzMbeotOSP-BqlUo0AAMj967c4TGQhk_rMvbVAMH_b7P9VdMuma-44tgUuEAaOvMZzppANKExey8UawkIyBXCsR92m15Oh6463-QsqlfrJVo1VleHPEV5gp38ndWM48JekujoBuoJ9JKunb4CleH8fKXN7m3_ofUZHTP_-RT1g3sC_m5afTsNqi5Xo1T0xkRkKIdnFRGxop8LnFBRX-UFpN-IecabgFqMCmUVV_xZaUQ0cSkr7_I8vUkbSM-znGZWO8l8CFDTKflMGnI_S60InunmTIiiEqh92&cid=CAQSOwBygQiDfgaRmks1jyRTOKcGdnJNyiKw_j1ya15xpzRV4iEHPqRHR8ysBEa5P4FLFYH_cAePD-qS4-0XGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fminecraft.nagoya%2F&ds=l&xdt=1&iif=1&cor=16827013859277562000&adk=3047537735&idt=78&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10878
x-xss-protection: 0
server: cafe
etag: 6410051166583139006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:21:58 GMT

GET
H2 200 3927814382236094893
s0.2mdn.net/simgad/ Frame 8427 60 KB
61 KB 101ms
23ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3927814382236094893

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b90b9a1f113e2c58675a6c13193cbb2e57d5ccef8baa2171866434f63595fb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 02:54:47 GMT
x-content-type-options: nosniff
age: 9628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61486
x-xss-protection: 0
last-modified: Sun, 23 Apr 2023 13:44:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 May 2024 02:54:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 8427 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 20:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:08:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8427 0
0 141ms
66ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTkFkSC5Fh_P7hZrWqJzkDsvnzjHNXK8rd9yoiY5HfZ5S3gqwSoT7I_4eGjreGQlmbC_syEoclJILdwVjjla0KZDpi6wSjuuXiEdYr7zihEjOLogPa_U_JtifJm7cNb7y_UjKeMTR9gHFiCrGxIFN_RPA208KlsuHgII-Y88dIYfkV8a3-Plu1u4mSknF3xTW5wl2hhJ_6on0fUp-15GJoLlpWEabmXP4kkKCNBhxFhuGFYYN6FYpVYVpVCj2lOi9Z_ZX7OGV2HHaylXhdojvqiGP_A9FqPtVe4wAn6YiSQ5NXZ7ngjFb70_IZqlzH3pSpjnRa3xxR4zFS_HP5_ABbm7iuf9risXefR3OEsTVV1DQ3_hC2zAfA89yHHPFi8Y6ORjJb_jjuTZy22LQoJYgon5sK3NaZs9j4sAk8WPbWpBF3ksmT7h89HvqTpHZo1z2QHfSSjrTrrgAtqvubwZ642-RnneTslUIiNdwzzsV6g2Jz_92MvzOvf569PbZoH8B9VQ53I9E2RgDZuUQ_zfCqBszFyHAql62rS44bqJ-WCnb1Ehj7swgBe7ttTV_4X1CiBmR57vibh7Fffzo6LtYFBjYsT_KFQwZD_BhElucz86s7mboj6f_8aFkO1cWQvSxfBmJ_Srfh8DizWbnlIJlWhg6LmcXLLMJCebfaIPL70elwv9z2DLHbE2_H2Y-bI-zhH5qjgH--vnhRkJWZqv_ZzMlDM82kx4MtGN18Sjbg2T5IPvt4YKHs1rY-G7FLrivzcLkN8zvQK0O-IqFnX5uO8Rb3XNA5emorqp5GboTjKVRzlV4KwNtbN9uOkX63BfFC1biWMR0qEZZMLkbc9R4Z-y88c4gGJkOCjxkhj_b-Qqo8liuoxJcF-NInKsmycSdrwmQ1tOssa-qvj5dtTsIC_0tAIlIjMklk81PGeqYC5jfu1PmTvG8QN7o9gtyIr0VcY8C_XcmurKlE1t3GpPySRs8P8EZdL2ZyE9fX5gVoeu1YvYfj9pw1b5Y3KYzLO4D57HEfOWKqEV6qWBdVlPhcxIuXSkqPqiPl9AgTdABMY2H5ilAgpwpT8NzS7mjdW_UKKpFc3rnO3wIfZ2kcIWw4yDVp3rsdJQ5aPGkoB0r4xbxu6W_UJhQ4X9P1i7vu__dsEnLhIe85lEqJumLFYLz3xn2Kwou0TSaIKCa_6EyNy5K1nB9lwU8kr8IyAhASIc5fd7HaBN90&sai=AMfl-YRNUsksKy4JHx5Dl1sHJpBJ-PGBvey4H7XjBmbwN5D8ZrWUYV5SEBFDHEecgIiYwbgYSX_Kyp2VyXwd34IYacB4nMmg9vn4uKnMas3w9MCR8oPKBWJtuLulx0-eiDg_PndQ_Vno9W05X0fHKal9CcWnTGgQWttiJr7VVELAxFY6kCzcup7oRaOPJn7AYmLeSpq2BowJU3N5OVbAygj0v9KWK1zpLpNw90IpEyUpKiXjpRcuBMohQEIhRoCHW7qHV7I2&sig=Cg0ArKJSzLJoLQCDXEhzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230426.38228&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8427 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 14:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 484832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Apr 2024 14:54:43 GMT

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame CE35 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E4A2 1 KB
643 B 27ms
24ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 06:47:50 GMT
etag: 48472445140208031
expires: Tue, 02 May 2023 06:47:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1717 22 KB
8 KB 35ms
22ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 147810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 12:31:45 GMT
expires: Mon, 29 Apr 2024 12:31:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8427 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96ea0658ac0d11f8bd98a4f55ed0ebf37ea0df254f571d140b0146fbf767821

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1468 42 B
64 B 103ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstF3XU3V5_AksIiU7gcFY4ediuywRAKxx4FyKk96jApQMgrCmsk6FOZZLhtGvsl6gwCNm93XDb7FgcmEs9zkCtYkAbAJ0Rs7833RNiYClknamrQ995pXxoND3_aiuRcrWbyqc4jrg&sai=AMfl-YS9F4iPi45ZZJ6kVXG_OmdaE7xOaSyp2HHf5dbIfj4JfYzm7nS6tpdTafDG634Tm4NY20iQ83-olG7j&sig=Cg0ArKJSzPqXGROL2o67EAE&cid=CAQSGwBygQiDjFpXjIbBseZajYI_2Bv4Dbl5g3sbUBgB&id=lidar2&mcvt=1017&p=0,0,200,1110&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=537440905&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683005713853&rpt=779&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8427 0
0 62ms
61ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTkFkSC5Fh_P7hZrWqJzkDsvnzjHNXK8rd9yoiY5HfZ5S3gqwSoT7I_4eGjreGQlmbC_syEoclJILdwVjjla0KZDpi6wSjuuXiEdYr7zihEjOLogPa_U_JtifJm7cNb7y_UjKeMTR9gHFiCrGxIFN_RPA208KlsuHgII-Y88dIYfkV8a3-Plu1u4mSknF3xTW5wl2hhJ_6on0fUp-15GJoLlpWEabmXP4kkKCNBhxFhuGFYYN6FYpVYVpVCj2lOi9Z_ZX7OGV2HHaylXhdojvqiGP_A9FqPtVe4wAn6YiSQ5NXZ7ngjFb70_IZqlzH3pSpjnRa3xxR4zFS_HP5_ABbm7iuf9risXefR3OEsTVV1DQ3_hC2zAfA89yHHPFi8Y6ORjJb_jjuTZy22LQoJYgon5sK3NaZs9j4sAk8WPbWpBF3ksmT7h89HvqTpHZo1z2QHfSSjrTrrgAtqvubwZ642-RnneTslUIiNdwzzsV6g2Jz_92MvzOvf569PbZoH8B9VQ53I9E2RgDZuUQ_zfCqBszFyHAql62rS44bqJ-WCnb1Ehj7swgBe7ttTV_4X1CiBmR57vibh7Fffzo6LtYFBjYsT_KFQwZD_BhElucz86s7mboj6f_8aFkO1cWQvSxfBmJ_Srfh8DizWbnlIJlWhg6LmcXLLMJCebfaIPL70elwv9z2DLHbE2_H2Y-bI-zhH5qjgH--vnhRkJWZqv_ZzMlDM82kx4MtGN18Sjbg2T5IPvt4YKHs1rY-G7FLrivzcLkN8zvQK0O-IqFnX5uO8Rb3XNA5emorqp5GboTjKVRzlV4KwNtbN9uOkX63BfFC1biWMR0qEZZMLkbc9R4Z-y88c4gGJkOCjxkhj_b-Qqo8liuoxJcF-NInKsmycSdrwmQ1tOssa-qvj5dtTsIC_0tAIlIjMklk81PGeqYC5jfu1PmTvG8QN7o9gtyIr0VcY8C_XcmurKlE1t3GpPySRs8P8EZdL2ZyE9fX5gVoeu1YvYfj9pw1b5Y3KYzLO4D57HEfOWKqEV6qWBdVlPhcxIuXSkqPqiPl9AgTdABMY2H5ilAgpwpT8NzS7mjdW_UKKpFc3rnO3wIfZ2kcIWw4yDVp3rsdJQ5aPGkoB0r4xbxu6W_UJhQ4X9P1i7vu__dsEnLhIe85lEqJumLFYLz3xn2Kwou0TSaIKCa_6EyNy5K1nB9lwU8kr8IyAhASIc5fd7HaBN90&sai=AMfl-YRNUsksKy4JHx5Dl1sHJpBJ-PGBvey4H7XjBmbwN5D8ZrWUYV5SEBFDHEecgIiYwbgYSX_Kyp2VyXwd34IYacB4nMmg9vn4uKnMas3w9MCR8oPKBWJtuLulx0-eiDg_PndQ_Vno9W05X0fHKal9CcWnTGgQWttiJr7VVELAxFY6kCzcup7oRaOPJn7AYmLeSpq2BowJU3N5OVbAygj0v9KWK1zpLpNw90IpEyUpKiXjpRcuBMohQEIhRoCHW7qHV7I2&sig=Cg0ArKJSzLJoLQCDXEhzEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&vt=11&dtpt=155&dett=2&cstd=0&cisv=r20230426.38228&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4A2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clhaMnZPbkIxUFRJRnQ1&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cver=1&google_push=ATf1kGN1wxkKbRTzoflGBOrhx4Zbcu9issiO41yVDbALkPf...

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clhaMnZPbkIxUFRJRnQ1&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cver=1&google_push=ATf1kGN1wxkKbRTzoflGBOrhx4Zbcu9issiO41yVDbALkPfmhs4n7jTXf0ALyo7SjfpQW0UAkHCQ7cZlyEgCmEQBM-SvOhc7M6H3tA

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 May 2023 05:35:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=clhaMnZPbkIxUFRJRnQ1&google_gid=CAESEG8I-lShkf8f1PwOMLWRgro&google_cver=1&google_push=ATf1kGN1wxkKbRTzoflGBOrhx4Zbcu9issiO41yVDbALkPfmhs4n7jTXf0ALyo7SjfpQW0UAkHCQ7cZlyEgCmEQBM-SvOhc7M6H3tA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E4A2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPZVjsWMErnjeT1eKNmKppY&google_cver=1&google_push=ATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rE...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPZVjsWMErnjeT1eKNmKppY&google_cver=1&google_push=ATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5...

43 B
443 B

207ms
191ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPZVjsWMErnjeT1eKNmKppY&google_cver=1&google_push=ATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c0de65c6bb51e62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 217
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPZVjsWMErnjeT1eKNmKppY&google_cver=1&google_push=ATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO0kEFOkQWG-uOzoRpUOePSrqQdS5HCv5c5oc3tB7MYbiK91v3Cjr9Q8xFu8xZ16p1SyRtAR9SnELhEMRzfpaCNlpFfBY5rEfI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c0de65b4a951e62-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4A2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEO9ldJWOdyFM_7aXaDO9a38&google_cver=1&google_push=ATf1kGOhIcwKU9J0giJhKiRiXfnfNfmkEe0JtE5eCzeZHgvuImNkedh5QWNWXqiSPlRpRdgcdWXRRWAAv33qi1...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODQ1NDUwNDkyMDk3MTQxMQ%3D%3D&google_push=ATf1kGOhIcwKU9J0giJhKiRiXfnfNfmkEe0JtE5eCzeZHgvuImNkedh5QWNWXqiSPlRpRdgcdWXRRWAAv33qi1IonQ...

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODQ1NDUwNDkyMDk3MTQxMQ%3D%3D&google_push=ATf1kGOhIcwKU9J0giJhKiRiXfnfNfmkEe0JtE5eCzeZHgvuImNkedh5QWNWXqiSPlRpRdgcdWXRRWAAv33qi1IonQGsBZ03b8eBj5I

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIyODQ1NDUwNDkyMDk3MTQxMQ%3D%3D&google_push=ATf1kGOhIcwKU9J0giJhKiRiXfnfNfmkEe0JtE5eCzeZHgvuImNkedh5QWNWXqiSPlRpRdgcdWXRRWAAv33qi1IonQGsBZ03b8eBj5I
Date: Tue, 02 May 2023 05:35:15 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4A2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELHeAcDnrg-Ap3YgmGV581M&google_cver=1&google_push=ATf1kGOuP6rGbJT7v-76_ax0u2nvprDpHgM1eso7PI4hNDh_JdAsYEff0dpl45DoS19d3RPE5ClQq6R95GDBPBnkqKV90P7...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuP6rGbJT7v-76_ax0u2nvprDpHgM1eso7PI4hNDh_JdAsYEff0dpl45DoS19d3RPE5ClQq6R95GDBPBnkqKV90P71RHXOxnM&google_hm=eS1CWEllaHY5RTJwRzh...

170 B
188 B

31ms
31ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuP6rGbJT7v-76_ax0u2nvprDpHgM1eso7PI4hNDh_JdAsYEff0dpl45DoS19d3RPE5ClQq6R95GDBPBnkqKV90P71RHXOxnM&google_hm=eS1CWEllaHY5RTJwRzhyVUNKRldQa2lpd09kcEZZOWUxeH5B

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 02 May 2023 05:35:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOuP6rGbJT7v-76_ax0u2nvprDpHgM1eso7PI4hNDh_JdAsYEff0dpl45DoS19d3RPE5ClQq6R95GDBPBnkqKV90P71RHXOxnM&google_hm=eS1CWEllaHY5RTJwRzhyVUNKRldQa2lpd09kcEZZOWUxeH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4A2
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEF74fXQx2lAIv6dKjaw_tDY&google_cver=1&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEF74fXQx2lAIv6dKjaw_tDY&google_cver=1&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcY...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn7-jLMsmM

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn7-jLMsmM

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=ATf1kGNf23DT1hsa41r9q0KBqDDHvkwidjio03R1ofI5FOKgKzsN_V7Eq2kqW1JdNV8VkWXLf8s8Q54owp73qTi_YKfcYMn7-jLMsmM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4A2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHbtkvei_FKEIlfWGyNkS_E&google_cver=1&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28RN...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHbtkvei_FKEIlfWGyNkS_E&google_cver=1&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQr...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk1ODUwOTE0MTczNDE0NTY2Nw&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28...

170 B
188 B

31ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk1ODUwOTE0MTczNDE0NTY2Nw&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28RNDe-Egv-E_mWNlhCKfTYbNw

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTk1ODUwOTE0MTczNDE0NTY2Nw&google_push=ATf1kGNPZplWuubpwBEO5YZe92qNwET-NWW5TNNnbPBQM0KbaP9kaM7ecuqg4shH7buPo3JPQQrc28RNDe-Egv-E_mWNlhCKfTYbNw
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E4A2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nDawW8KdTt-LY963v9n6Hw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nDawW8KdTt-LY963v9n6Hw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNxrQ-ilYuvwJ1aZfe9U88usk8m9pCd1PMOG6n5gu95_mcyLxg9Z-KCSv4B4sWyglUoKzUeQRYK_ktLn9H2ff1ibWcinmlgeXs

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nDawW8KdTt-LY963v9n6Hw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGNxrQ-ilYuvwJ1aZfe9U88usk8m9pCd1PMOG6n5gu95_mcyLxg9Z-KCSv4B4sWyglUoKzUeQRYK_ktLn9H2ff1ibWcinmlgeXs
date: Tue, 02 May 2023 05:35:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E4A2 0
12 B 30ms
29ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K3L3qTubEUrbNf-x2SEfkW5OO-84cHORzWJ30AMZQH8Dh2gsI7VDM_fhTwuMQ9zEtIkAjJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1717 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 72ms
72ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230426&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a23d73c052a91257b2ef50baeab4eb8d2a777bd03d44bf08272f1963332f96a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11363
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 May 2023 05:35:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1717 0
20 B 60ms
59ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSVZWE6FQZPbGG6Kn9u8PtOGH6AcAAAAAOAHgBAI&bg=!g4ClgNTNAAb9Sbh13Uk7ADkAdvg8WmYNwoy8g3rpdpryt7l516SkgfUcHmjmpKj_iMkALFMj8kSusd9kYfStwgdkmxL0zfN8oXsCAAAAaVIAAAADaAEHCgAKL39xSKZQVBZhYJkDAATIQgJTPjJ4DSYwkG4Q04aS0SqTJi_-NUplOfOXVwlHy6z73tMBHaeltE9eVCCvgpPhbu4Cv3kVx0hX5BffuQSpAQkqrxG-jQAkb9IS1GzbBvbrGf6FpMS4LGsdUkZ7JHnda7zjQMS_NY9rwgWh59P7n8cUJyCEYEhJtfVIjCmOIJw9M3_hrq-tHisfMjGMuQ_EOUhuXegdCjlCxg9T9AqcJ6y_jApYDoj6luUxvV7gO6nYjLg4g7RKuFh1lk-c56AabYy2pkhS5gMEZg-sKegk5SdBqkZ8ZgfvlaBIj42wvW4rie-OH6OENWeRMptX1No1XAJQymSzzw8Jtk-u_NzTeUqc57p-WRyB34uohuDAfAjsgHpHN2yjtOyLGqCr2-wCVqLw9WhOfEyy6UEwI6etaKoWC0NDzhJ5X9jbUFYEJ2ObwX-hELT3Hh5dK67t-xb2ixAzP0J0VcF9GdU6O7xOeUHSLzheKDQU78rCkRWwZ9HHaF9py-qweqtmIl81T9LNd8KkR-IexJ_Zxaje-iF0qCWFPPQ8EsUhhdnegauN6YCshInqfFjbscjFeSfwwaJZpLyYYaLhjSN1A3d3NMIe1IGUC3ZsMZmwQdFuy9LXlQlUcjkYPGCDlJ9a_Soqsee_WT8GhZN_xnVOMc6NvBpziIrz9Bn9aZDbHjrNJ3WvqIloy7ySsHvVQ0kIRQXrKXHismPZaBrTr7kZ-J6PJztx5DRwy5Uo3Nli0p0EaQHBOQqecG24mt3ZJrqfkMh-shqMQDsNwlzEZCThN8uKmChf0JH5YQIjmx8y3GyLhauHDOz1L3U8YNpZcANQG7vFgt46rZ0M0ByogfvX5Wn5FJtqaUvgDXpM_7HFSkY0nanYwizCww4ON7AVmY7SdcmNF10Ye4lvboYFHCURTwDhtIOKZqYxJLTf2yQ05IzFNZSQadIkBC4cDMsDWgAceC7KZ_kCGAcCfHUbGEYFUbaorfBevuBvaujibT1cpH_OuQNzanTSyCGlFUpyTFueXa92zg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 196F 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 01 May 2023 19:07:13 GMT
expires: Tue, 30 Apr 2024 19:07:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9D64 783 B
536 B 30ms
30ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d1d27323c901a2806922ac3e9311482504094c1e0c089896681151ea726c5b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UkIBQpTj16smUGMDdAGxLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://minecraft.nagoya/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-UkIBQpTj16smUGMDdAGxLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 05:35:15 GMT
expires: Tue, 02 May 2023 05:35:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js Show response
pagead2.googlesyndication.com/bg/ Frame 196F 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sRhYKH_5dmvPrul9dgGb794WXhJ3dcjrskH3Px1HIuI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 06:55:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14021
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 09:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Apr 2024 06:55:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9D64 0
0 55ms
55ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230426&jk=283296863923680&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 196F 0
11 B 23ms
22ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3ZCVDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:35:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 60A7 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVUEqDumWbLlMHbpSNNK65Drxtw3av8gogjz-MgZt9pEmCQeLwTUTnitT1FNaH7py9j6mj4P6frWBIHovTFpM2bUeVdRNqUWHfcviQVBFnRBGlLCFeN2kIcNtYEhSePVEH54uuhg&sai=AMfl-YSY87fzFfJk7L067iCDp_rrRoBWe0wp496qtGGg8ljZMaWqKi2XRkd--djcKASP8hqUUceGFtg_tynd&sig=Cg0ArKJSzBKyL74p4T6YEAE&cid=CAQSGwBygQiDylXc0alZ7uS5o2GGBJwmoWxyjKS81BgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=88,774,1000,1020,1020&tos=88,686,226,20,0&v=20230501&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683005714662&rpt=363&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
64ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230426&jk=283296863923680&bg=!TU6lThrNAAb9Sbh13Uk7ADkAdvg8WlzujkGdcWGD-LTkxkvPJ6smFj3FgT9ftCCuvEVVa9dn24tJomvp3LDKnORZWYZqXGkBGm8CAAAAV1IAAAADaAEHCgBAJGiQP719bded47F0ukxBfoowt6JWjnuVOricaTcwfUnTJS-p2fU9tmVsIYgQNX0JRhQxLdkkzDsQzC5WKrD9e5kCyRHh8X63LxHEmgR4F0H0sfSccof8lkrieRRh9u4akAF-Fid5tzTAGf8SC_sUSXbqXPtfqTN3yAw94qud523fmrdt1MmWx-dNbY97YylNvPlLjCCLRiM3Am-9Ed-pF0FboXmKsT12oqL02lQltNtwHcdajTbz1clHb_FyjPZCZgZeKYbMgqp8hE2YQ-60bQ53CZxxMjz8hFxIdKrVxPFRL2LPP07pdn08fLsoGCyfodjRq_odkAAEMWOvVMJAkRpYTVfzAVePaO57d6reA57yiAjzF8bETZqT3IB5SqHDtn2DlWuRaQ6FqH8eLgBvy6eKjjqu9i2xX9AuJAkGhnmjWlb-BNUm94U9gZGhhqExdA6ClgOTu5s9xM8AWpGjs5418YEfZ4Q0BIlQAG2cHmxnjTRBSS1dTyllADn2M3A79hOLvJBdqlTfS4xKg94QO-ovhH2DiS8Xg6X8v1Kuyjx6EkOv141V9NA7Si3InaVF673zGyhfg16p57E-huXudoOkFf7N0nuQTELF-uq5Pewzxii6Nh3raNo0kVe7FnumR2ha-TtgW__3rbhf6Sc-9znt2uphILABr4upBJ_dgh74dNII3VjmFmOc-O1nCYmsUe73Jh7wqPkZIvoWuXqMxQVE-u50JW1PonReDr4SH60OUDCCuPjg3aKTM5ug2aLwD5byB_QtoUEEv23UWvcfOhLM_XlJgB3_bE7i5bjW1Oyl-n5Y6oF0ETglvz0O29XVGIsnQUPgY1KlocZwUcWdLypRGV5NHo_G8ETz4EiFACHwRE6d6L7zKugKuSkfRe3Rssu9j4dovfOBGx2k8f6Ct89DrN64iDuUa2jsiCqnz3B8_h-KinlTOc11o00eCZK36aU3z5wBrLP6oc6TAQEwYjbtbOMucA8oy-_3ISOiHJ-Jyslg52qMc1EPH2MWy3o7LHl3NBhRbKV1W3jV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://minecraft.nagoya/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8427 0
20 B 56ms
55ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2273981098475&version=m202301230201&ct=76&x=1&cor=16827013859277562000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 05:35:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.minecraft.nagoya/	1970-01-20 11:31:32	Name: _gid Value: GA1.2.2037168531.1683005714
.minecraft.nagoya/	1970-01-20 11:30:05	Name: _gat Value: 1
.minecraft.nagoya/	1970-01-20 21:06:05	Name: _ga_65P2VB0SET Value: GS1.1.1683005713.1.0.1683005713.0.0.0
.minecraft.nagoya/	1970-01-20 21:06:05	Name: _ga Value: GA1.1.1412944886.1683005714
.minecraft.nagoya/	1970-01-20 20:51:41	Name: __gads Value: ID=154d9255d3c89d67-227c4f41b6dd0061:T=1683005713:RT=1683005713:S=ALNI_MZvsZ2WKGHBjjuP__yWjPzGgmBKEg
.minecraft.nagoya/	1970-01-20 20:51:41	Name: __gpi Value: UID=00000bf3cd2149b3:T=1683005713:RT=1683005713:S=ALNI_MYmxOVbpcCEq-lthveDompEJESYpA
.doubleclick.net/	1970-01-20 20:51:41	Name: IDE Value: AHWqTUlup5LkC7dack4m4McDvPHs--KIeaTlWrAjNmry-ZLEdsnaD9muzyUFvQam05c
.doubleclick.net/	1970-01-20 11:30:09	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:15:41	Name: CMID Value: ZFChE6mNTdNneTThFBV.AgAA
.casalemedia.com/	1970-01-20 13:39:41	Name: CMPS Value: 3249
.casalemedia.com/	1970-01-20 13:39:41	Name: CMPRO Value: 3249
.travelaudience.com/	1970-01-20 21:01:46	Name: _tracker Value: %7B%22UUID%22%3A%229627EB20-D234-47F8-8C6C-70372A0F6142%22%7D
.mathtag.com/	1970-01-20 20:56:00	Name: uuid Value: 32596450-a113-4500-8632-2f07b4211e17
.mathtag.com/	1970-01-20 12:13:17	Name: mt_mop Value: 4:1683005715
.pubmatic.com/	1970-01-20 11:31:32	Name: KTPCACOOKIE Value: YES
.yahoo.com/	1970-01-20 20:16:03	Name: A3 Value: d=AQABBBOhUGQCEFzkECOT-Lt8Ek4AQP2fcM8FEgEBAQHyUWRaZAAAAAAA_eMAAA&S=AQAAAmHEPvWcjSXqmD1fv_rAIkI
.adnxs.com/	1970-01-20 13:39:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUiZAh9y!1yIE`fS1ueD1W-044)d+]UgQ)/9szr=SAjEA7>$X)M-_+0Mr=1TYaJXleh4%nugO%v4VB%nl=x)gubO
.adnxs.com/	1970-01-20 13:39:41	Name: uuid2 Value: 9060016205318594580
.pubmatic.com/	1970-01-20 20:15:41	Name: KADUSERCOOKIE Value: 9C36B05B-C29D-4EDF-8B63-DEB7BFD9FA1F
.adfarm1.adition.com/	1970-01-20 13:39:41	Name: UserID1 Value: 7228454504920971411
.adform.net/	1970-01-20 12:14:44	Name: C Value: 1
.w55c.net/	1970-01-20 21:01:46	Name: wfivefivec Value: rXZ2vOnB1PTIFt5
.de17a.com/	1970-01-20 20:08:29	Name: guid Value: 1.5577326177485980992
.adform.net/	1970-01-20 12:56:29	Name: uid Value: 5958509141734145667
.w55c.net/	1970-01-20 12:13:17	Name: matchgoogle Value: 5
.tribalfusion.com/	1970-01-20 13:39:41	Name: ANON_ID Value: a4nseFSZdIijSTnMSYlNh9ZdMFnfpe1cdXWecSZdHZasO88hBrWIKc5FiHZdf7QMwudZdO9QJfXlRk4e4rUnjSOqsn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
c1.adform.net
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
minecraft.nagoya
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.mathtag.com
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.244.42.200
142.250.186.34
172.217.18.2
185.29.134.244
185.64.190.78
185.80.39.216
185.89.211.116
199.232.148.157
2001:4860:4802:32::36
213.155.156.167
2606:4700:3036::ac43:bd6d
2606:4700::6812:18ad
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:aa7c:1c33:de1d:a4ba
35.186.253.211
35.190.0.66
37.157.3.20
54.93.45.240
85.114.159.118
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0a23d73c052a91257b2ef50baeab4eb8d2a777bd03d44bf08272f1963332f96a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf67aadd9bc4754c19b371b62c5283306af75fe84f2c3b674b3fea5ea63d8b8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a3831e778d8969aad8052ad463f9ecc63745c97c994c4e8b15c04e46f49b39
14a49d3789d9242d33d48bf8b536a6cc9b5a17eb21dcf90b289ed5015a8c339c
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
257a2c7508baa19693d8fa2a393c81afe3039547ef42f1f2a1ac574df28df1e5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c30723a8e9b61d4b0f728eef929b8134697201c8e72c2c65a74978c005c6f5
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3b2f6d7b6819c616dc6530caa4a987a9f7f37f7fef279dae62124b75c26a8240
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1d27323c901a2806922ac3e9311482504094c1e0c089896681151ea726c5b6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647019f8c96503afffc80d4a4c6f140ba772320ff4814695ceb455761dfb25bd
6a160163eba6007a47cdecdab07ec5d3d2ec6e793774d44a1e36708755a28260
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
794c39fc5a469edc267bd06213a221854a3c741de8221e185f141dc432619adf
7c69bfc0b19c4f2d1eb6451e4f2847ce1455baa9463fda89a0dff54625c62f36
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
84f2a35a6292cf7ad1e43ec9603349fe37590bf693d11d1a76af48e52c3ee8b7
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88a95882581fbaf9d0d9e44f5707f6dd1bf350eaddd791b463fcec00017d69f1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127
9fe1e1a729d0d8a1042ea6f19b0ce23f84f2d5f77115ab9bf30fafe424451d27
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1f6a852ea922e4e8b7b1699f790cd73ee3ff02b6d65c2bf1abf392c8f88b582
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ab646913981bd4d59bf0d361024dd254cd33c256b65d45817b91aa1b8ff98e8e
aba72ebe76783eb13a713b86a7b1176777103ac6c67d9cd02562351cee04ecf7
b11858287ff9766bcfaee97d76019befde165e127775c8ebb241f73f1d4722e2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b90b9a1f113e2c58675a6c13193cbb2e57d5ccef8baa2171866434f63595fb76
c433b337c1f2767f0de7736f2bf84d9d5068ea2a0eb6f1a638f7b9c35eaf0a5f
c7d17a3e6528beb63aff730be45579dea592f4e960ece6d0b6c1daa1ddef1340
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c8beabe16b2d22cfd6e99cf22b11e1cc4c8e09a2d1d48c3ada8602eb387e7713
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d0b883956435119f647b57e5d2e7df987fa6c51c1a487c25bf0107d256cab3fa
d7c03a67df15cb013a2b10103e5a694d2f5620cd05c0195c2205c4b078e90624
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
e3a4f88e910ae8c02a8ea28994983972195bab4636486d751b1820ae8880969f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
eceba5c1b7d5a48dc8ec0773f2d84b3ce2fdf725933eda1fbea17126e2c6ef90
ee5932bea2ae4239b9f2f5193f46427d7ada7db0bf299b1646a1c20e9008a2c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f96ea0658ac0d11f8bd98a4f55ed0ebf37ea0df254f571d140b0146fbf767821

minecraft.nagoya Open in urlscan Pro 2606:4700:3036::ac43:bd6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

148 Requests

89 %HTTPS

58 %IPv6

26 Domains

37 Subdomains

26 IPs

10 Countries

1693 kBTransfer

4851 kBSize

26 Cookies

3 Outgoing links

Page URL History

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

minecraft.nagoya Open in urlscan Pro
2606:4700:3036::ac43:bd6d Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

89 %
HTTPS

58 %
IPv6

26
Domains

37
Subdomains

26
IPs

10
Countries

1693 kB
Transfer

4851 kB
Size

26
Cookies

148 HTTP transactions
8 data transactions