urlscan.io logo urlscan.io
SecurityTrails logo

playcs.yikm.net Open in urlscan Pro
64.64.249.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://playcsol.com/
Effective URL: https://playcs.yikm.net/
Submission Tags: analytics-framework
Submission: On April 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 58 HTTP transactions. The main IP is 64.64.249.2, located in Los Angeles, United States and belongs to IT7NET, CA. The main domain is playcs.yikm.net.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on March 2nd 2023. Valid for: a year.
This is the only time playcs.yikm.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 64.64.249.2 25820 (IT7NET)
2 163.181.56.170 24429 (TAOBAO Zh...)
10 2a00:1450:400... 15169 (GOOGLE)
12 61.160.236.93 23650 (CHINANET-...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 103.235.46.191 55967 (BAIDU Bei...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
58 14
8    64.64.249.2 (Los Angeles, United States)

ASN25820 (IT7NET, CA)
PTR: 64.64.249.2.16clouds.com
playcsol.com
playcs.yikm.net
2    163.181.56.170 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
cdn.staticfile.org
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    61.160.236.93 (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)
img.1990i.com
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
8    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
279 KB
12 1990i.com
img.1990i.com
699 KB
7 yikm.net
playcs.yikm.net
169 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
45 KB
4 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 gstatic.com
www.gstatic.com
15 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
2 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 6664
12 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
696 B
2 staticfile.org
cdn.staticfile.org — Cisco Umbrella Rank: 43373
84 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
49 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
601 B
1 playcsol.com
playcsol.com
199 B
58 13
Domain Requested by
12 img.1990i.com playcs.yikm.net
10 pagead2.googlesyndication.com playcs.yikm.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 playcs.yikm.net playcs.yikm.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 hm.baidu.com playcs.yikm.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 cdn.staticfile.org playcs.yikm.net
cdn.staticfile.org
1 www.googletagservices.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 playcsol.com 1 redirects
58 15

This site contains links to these domains. Also see Links.

Domain
mail.qq.com
Subject Issuer Validity Valid
playcs.yikm.net
TrustAsia RSA DV TLS CA G2		 2023-03-02 -
2024-03-01		 a year crt.sh
*.staticfile.org
GeoTrust RSA CN CA G2		 2022-09-05 -
2023-10-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
img.1990i.com
TrustAsia RSA DV TLS CA G2		 2023-04-03 -
2024-05-02		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2022-07-05 -
2023-08-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://playcs.yikm.net/
Frame ID: 2E0D5A9F638834BF77E9D39D183454A2
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Frame ID: 9883FD5BC3CF7C3C9437D7DEC5C952BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2537602355535235&output=html&adk=1812271804&adf=3025194257&lmt=1682397964&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fplaycs.yikm.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682397963970&bpp=5&bdt=253&idt=333&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3394176573630&frm=20&pv=2&ga_vid=956803091.1682397964&ga_sid=1682397964&ga_hid=752941124&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C44782466%2C44789761&oid=2&pvsid=1054746855367859&tmod=2037838673&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=369
Frame ID: 51C369DB1956D63A41571ABEF895F1D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4EB3F5F8C2E375A1FD0B3DDB36D94566
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7155AC93AEC62814A7099A68C80DA3DE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ABA412241DC9F22B3E73D69699EBD34B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED91B8C292CF7EACA08693D756A12EF0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1AACBF705F438E80A7D1053F8CFA5927
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

在线玩cs1.6,无需下载客户端

Page URL History Show full URLs

  1. https://playcsol.com/ HTTP 301
    https://playcs.yikm.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

100 %
HTTPS

71 %
IPv6

13
Domains

15
Subdomains

14
IPs

4
Countries

1358 kB
Transfer

2749 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://playcsol.com/ HTTP 301
    https://playcs.yikm.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
playcs.yikm.net/
Redirect Chain
  • https://playcsol.com/
  • https://playcs.yikm.net/
35 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
124896d0d7067498bb9c7eaf4065fffe65a18d69cb47f8ebc12710810be970b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Tue, 25 Apr 2023 04:46:03 GMT
Server
nginx/1.12.2
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Tue, 25 Apr 2023 04:46:03 GMT
Location
https://playcs.yikm.net/
Server
nginx/1.12.2
font-awesome.min.css
cdn.staticfile.org/font-awesome/4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 24 Apr 2023 06:36:18 GMT
Via
cache10.l2de2[0,0,304-0,H], cache4.l2de2[1,0], ens-cache2.de4[0,0,200-0,H], ens-cache5.de4[1,0]
Content-Encoding
gzip
X-Svr
IO
X-Reqid
qo8AAAC27ld4y1gX
Age
79785
X-Swift-CacheTime
86391
X-Cache
HIT TCP_MEM_HIT dirn:8:360862401
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="font-awesome.min.css"; filename*=utf-8''font-awesome.min.css
Connection
keep-alive
X-Swift-SaveTime
Mon, 24 Apr 2023 06:36:27 GMT
Content-Length
6968
Last-Modified
Wed, 26 Oct 2016 03:05:20 GMT
Server
Tengine
Etag
"FlEsfXkDPjAoqb5htUDPGmhwyJb4.gz"
Access-Control-Max-Age
2592000
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1682318178
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
Timing-Allow-Origin
*
EagleId
2ff62b1d16823979637492343e
bootstrap.min.css
playcs.yikm.net/assets/css/ 		189 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/assets/css/bootstrap.min.css
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Aug 2022 20:45:32 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
style2.css
playcs.yikm.net/assets/css/ 		103 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/assets/css/style2.css
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
7764969e552b83982e6388316606211ce35735bcd2dae7b82509fc8c6858a031

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Jan 2023 09:29:02 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
style.css
playcs.yikm.net/assets/css/ 		297 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/assets/css/style.css
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
6e51e2b45543acd28b12fa04a3e98708a7524b187162c2dc638198a092924c8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:04 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Aug 2022 00:41:52 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
hud_v2.css
playcs.yikm.net/css/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/css/hud_v2.css?v=7
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
808f8bc48b32aed870131d6778213ef8243bb9ff73c803ac193da27613f94573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Oct 2022 04:01:35 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/css
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2537602355535235
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f3119b2807e3158f5e0db81344c9fc84fde61fa830860c5d8b1e2dbd6ac4842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://playcs.yikm.net/
Origin
https://playcs.yikm.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47191
x-xss-protection
0
server
cafe
etag
3888795963140590483
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:46:03 GMT
cslogo1.png
img.1990i.com/cs/img/logo/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/logo/cslogo1.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
7c4dac3aeec35ebe83e584037539b4414022295489192f91412138bc0d8696c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 12:54:28 GMT
Server
nginx/1.20.2
ETag
W/"62fce504-9302"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
cslogo2.png
img.1990i.com/cs/img/logo/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/logo/cslogo2.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
f7b285dad3a08b17accaeb3edda2c0663a7e9fc8a09bd040e80c09b5cc14df2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 12:53:25 GMT
Server
nginx/1.20.2
ETag
W/"62fce4c5-a70d"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
zm_cross.png
img.1990i.com/cs/img/maplogo/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/zm_cross.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
abaf03545a14e06ddbed45661810f90c00e836fcc5aa904f79c8880456ab874e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Feb 2023 04:12:23 GMT
Server
nginx/1.20.2
ETag
W/"63dddb27-b219"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
ze_ffvii_mako_reactor_complete.png
img.1990i.com/cs/img/maplogo/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/ze_ffvii_mako_reactor_complete.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
ef4656ed5c8833a35c6160e384b77a2de4c8462da2fb86b68e432a78c67b0530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Oct 2022 12:23:16 GMT
Server
nginx/1.20.2
ETag
W/"635e6cb4-340d"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
deathrun_bandicoot1.png
img.1990i.com/cs/img/maplogo/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/deathrun_bandicoot1.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
db5307fdda9a09e78038fcdcdc7041672cb97e2b6aced6cdc9fdd25d3601330e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 05:30:24 GMT
Server
nginx/1.20.2
ETag
W/"642d0770-9fdb"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
de_nuke.png
img.1990i.com/cs/img/maplogo/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/de_nuke.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
801a3dbc629d8a7dcd6831945958766f4a29cbf6c76dbada68da0380175e9be6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2022 09:09:04 GMT
Server
nginx/1.20.2
ETag
W/"6375fa30-c3a6"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:43 GMT
cs_ship.png
img.1990i.com/cs/img/maplogo/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/cs_ship.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
cc20714fb078dae243e4a4e563fc06ed133efb3ce9836929bb31abcbde1660d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Sun, 05 Mar 2023 05:02:26 GMT
Server
nginx/1.20.2
ETag
W/"64042262-a7b2"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
de_dust2.png
img.1990i.com/cs/img/maplogo/ 		274 KB
274 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/de_dust2.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
5c1110a5c13872734b494c7c9b589e30b01b99f779d16aee311ab828cb4e1df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 18 Aug 2022 13:43:49 GMT
Server
nginx/1.20.2
ETag
W/"62fe4215-446f1"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:42 GMT
css_dust2sky_go.png
img.1990i.com/cs/img/maplogo/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/css_dust2sky_go.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
471a52e9ddb5b3b9e7d584857d60f65cc3050fcf4add327a9eeb93dee940db4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:43 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Jan 2023 03:13:08 GMT
Server
nginx/1.20.2
ETag
W/"63cb5844-8ac7"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:43 GMT
cs_zhasini.png
img.1990i.com/cs/img/maplogo/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/cs_zhasini.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
e6021642bf72a21003c1478df64d6006d68c7a239f06c26a0a7224fa94186b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:43 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 Mar 2023 05:30:26 GMT
Server
nginx/1.20.2
ETag
W/"6402d772-e982"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:43 GMT
fy_iceworld2k.png
img.1990i.com/cs/img/maplogo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/fy_iceworld2k.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
34a2a91df1ea246a4b9c235a36b39be41aa88900231625a54052830986a8e26f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:43 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Mar 2023 07:05:21 GMT
Server
nginx/1.20.2
ETag
W/"640ecb31-5409"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:43 GMT
fy_fodder1.png
img.1990i.com/cs/img/maplogo/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.1990i.com/cs/img/maplogo/fy_fodder1.png
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.160.236.93 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
bf007abacad91883025987c075279b565fa51e1990992da742e64d9b464d28ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:45:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 06:45:12 GMT
Server
nginx/1.20.2
ETag
W/"642d18f8-a13b"
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Tue, 02 May 2023 04:45:43 GMT
jquery-2.0.0.min.js
playcs.yikm.net/js/ 		81 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/js/jquery-2.0.0.min.js
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2022 12:39:14 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.min.js
playcs.yikm.net/js/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://playcs.yikm.net/js/index.min.js?v=2
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.64.249.2 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
64.64.249.2.16clouds.com
Software
nginx/1.12.2 /
Resource Hash
f2b86ea7fb021e6b7da9cc39318dd778729f975df7c16c46d03fcd7568a959ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Mar 2023 06:16:48 GMT
Server
nginx/1.12.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 		354 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2537602355535235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a69ce02fd5678856cbfa2570fb4a61396ed3ffe900bd1c5f778e7672b2e2aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121803
x-xss-protection
0
server
cafe
etag
3137897709118094594
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:46:04 GMT
fontawesome-webfont.woff2
cdn.staticfile.org/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://playcs.yikm.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Log
X-Log
Date
Mon, 24 Apr 2023 13:02:58 GMT
Via
cache17.l2de2[0,0,304-0,H], cache11.l2de2[0,0], ens-cache9.de4[2,2,200-0,H], ens-cache8.de4[4,0]
X-Svr
IO
X-Reqid
hjoAAAAMwAGS4FgX
Age
56585
X-Swift-CacheTime
29815
X-Cache
HIT TCP_REFRESH_HIT dirn:9:94379676
Content-Transfer-Encoding
binary
Content-Disposition
inline; filename="fontawesome-webfont.woff2"; filename*=utf-8''fontawesome-webfont.woff2
Connection
keep-alive
X-Swift-SaveTime
Tue, 25 Apr 2023 04:46:03 GMT
Content-Length
77160
Last-Modified
Tue, 25 Oct 2016 16:32:06 GMT
Server
Tengine
Etag
"Ftb0jLp9B2-28v1rqZOnW53B7L8M"
Vary
Origin
Access-Control-Max-Age
2592000
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Ali-Swift-Global-Savetime
1682341378
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
Timing-Allow-Origin
*
EagleId
2ff62b2016823979639583103e
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/ Frame 9883 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2537602355535235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://playcs.yikm.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
41118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 17:20:46 GMT
etag
2378337311435320485
expires
Mon, 08 May 2023 17:20:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		383 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=playcs.yikm.net&callback=_gfp_s_&client=ca-pub-2537602355535235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a5a01c98c568988b5ea986cfbd3c34d8f3e5a0462606ea745808de7812da215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=playcs.yikm.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=playcs.yikm.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menu-backdrop&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 04:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=menu-backdrop&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 04:46:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 51C3 		139 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2537602355535235&output=html&adk=1812271804&adf=3025194257&lmt=1682397964&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fplaycs.yikm.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682397963970&bpp=5&bdt=253&idt=333&shv=r20230420&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3394176573630&frm=20&pv=2&ga_vid=956803091.1682397964&ga_sid=1682397964&ga_hid=752941124&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44773810%2C44759837%2C44782466%2C44789761&oid=2&pvsid=1054746855367859&tmod=2037838673&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e0de2bf4ac15ebd99d82e34bfaa144ecb3e6d71c181690a3a2ca1b2a6679417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://playcs.yikm.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
36312
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 04:46:05 GMT
expires
Tue, 25 Apr 2023 04:46:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?0ff039a569d6695a2ce69332cd833f32
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e0f691861b0a191f0b8e557a342b05de89a3c81cf9e17033413895d808f5c802
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 04:46:05 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
627646224db11b24e1896597ee9c3ae0
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11263
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b41a8f0b959a5d258e344b05783338f1286caa3d9e83c34478ea36084dd18cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51689
x-xss-protection
0
server
cafe
etag
3010576233274607633
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:46:05 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=playcs.yikm.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=playcs.yikm.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/ Frame 4EB3 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://playcs.yikm.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 19:56:58 GMT
etag
2378337311435320485
expires
Mon, 08 May 2023 19:56:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 4EB3 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 03:57:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 04:46:05 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4EB3 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:21:29 GMT
x-content-type-options
nosniff
age
23076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 23 Apr 2024 22:21:29 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4EB3 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 23:04:47 GMT
x-content-type-options
nosniff
age
20478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 23 Apr 2024 23:04:47 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/ Frame 4EB3 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 21:35:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
25845
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8167
x-xss-protection
0
server
cafe
etag
3140062999518874537
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 21:35:20 GMT
css
fonts.googleapis.com/ Frame 7155 		9 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 04:04:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 04:46:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 7155 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 17:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
40850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 17:25:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame 7155 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
21878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 22:41:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 7155 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 19:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
32435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 19:45:30 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame 7155 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 16:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
43401
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 16:42:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7155 		159 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49672
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1681929791789681"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 04:46:05 GMT
f8970ecc2196f374e9d99027c476dd6b.js
www.gstatic.com/mysidia/ Frame 7155 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 05:50:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 02:08:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 05:50:21 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame ABA4 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 03:56:39 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame ABA4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230420/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 04:46:05 GMT
expires
Tue, 25 Apr 2023 04:46:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 04:46:05 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7155 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20230420&sample=0.01
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/load_preloaded_resource_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 04:46:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=284384207&si=0ff039a569d6695a2ce69332cd833f32&v=1.3.0&lv=1&sn=48981&r=0&ww=1600&u=https%3A%2F%2Fplaycs.yikm.net%2F&tt=%E5%9C%A8%E7%BA%BF%E7%8E%A9cs1.6%2C%E6%97%A0%E9%9C%80%E4%B8%8B%E8%BD%BD%E5%AE%A2%E6%88%B7%E7%AB%AF
Requested by
Host: playcs.yikm.net
URL: https://playcs.yikm.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Apr 2023 04:46:06 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230420&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b51739ae5c677539894f2daf0f8aea0e8e497c258702782e03a28fb941d546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11238
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2537602355535235&plah=playcs.yikm.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 04:46:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED91 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://playcs.yikm.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
32258
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 19:48:28 GMT
expires
Tue, 23 Apr 2024 19:48:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1AAC 		783 B
970 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
410d70158530be648ec258902f2b81d81d331c61eac5107c74c8ce6195a22695
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Iyv4l1aUk6NPDagJI7m7XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://playcs.yikm.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Iyv4l1aUk6NPDagJI7m7XA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 04:46:06 GMT
expires
Tue, 25 Apr 2023 04:46:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame ED91 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 22:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
21297
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 22:51:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1AAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230420&jk=1054746855367859&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame ED91 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?s9yeEQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:46:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230420&jk=1054746855367859&bg=!w8ClwJTNAAYfNdXmPzU7ADkAdvg8WrTzzQN6WoktFdeUzO37visfRkfB6hjv3PknU7fmZbclOOzGUVRe3mc9lbor6Vp8sNpDD4ECAAAAR1IAAAACaAEHCgBex347RbDi-jjjWuKOEFfzq2vQrQsLxdrUgiPsZU6LcZ-8QssWFS1Qyl76ArryGsUOv66VmNfTWveRPF_R68iWpFN02PZSwXB277lEIhVo_n84c1FZcDanTFj8WVsdjJkC7J0TQTIw2KPA1Jm21j16ztfVcPKRWOfRbBg6qcOrV285P_qeMJajsfrC4nrNtBiOVElTl5OEcen-qYcfATakUUBAUfbcEySTOoKRXcIw3jQfPEmhMsbi2jKTQ6rH_49AWV_p_hozRS_TXBwZAaym7O6akk2D_m1dR117Zf9mHKN9CHBtX6-5USqjc-QrI_iQQ_-CnLZ7-33sv90JdWjKGzSCEWaBln1dMY8rzNoM522Bzvov9v6np7xSUuamcJqp9b4QAT1QASlcn1bPNqooqaWBFX1fAyOwkZLaBq_jGOcp0h55AKGo5lH-dJ2Es0crBuqzM2I9QrFuY9VMrXF9LWYTr2XtJhUMml2FVKyLBJS0xAHPiJUI3O886jrSoUQW-66V0aX-1gALeVoIsfdkHWQsLcblOn0X8IXh2SXRPqYHTzBJ05ucK_O-iNc8UxkMNPU0vy2zwEyqt9yXttJ3dfoIZe15fiqEBdPQRweGuSAPp7OyMb-8cYUPx4Groa4qPSENOmYm4eECkXeOX8Y-4EWERAgGLAObLasfoAgUuESaAG0a1MLk9RujV2CvSXN0m-EK6kRgSvIXViqY3BV26kW1jk83o9X-1yPRBiqzPDBfYhRwcc9qTXJLeNbqz54O6DccldoTKqbXizQNafZosBlkssQcktPVy1kP7XzVNVlf-VDh2H0-P7JNznAHaeUEpUHaK1tB1g7BcOkWiIP_xhDYGvXU5uqTb5Rdi5BxenO5VYBpxRGs7hIhu7HrlUcyI1soeGBSWsWgwsksAiKa14cI7Vn_PLLpAl5oy3cvIgYWbfIKJ9GPZXUPPbI0GZFbdBSF03kYDOJ3DzIN47ZhqFHn6u9F2QFbX20RUCt626qvdyG-iw0dgK3_oafxnLkcd-lWI-vR6FPt-rzjJRNNjooi8B4nLc2RQGdfHWp8bQgFDrTuIRbzz5Gox3_deuktuZsa4Me7Nv_Pf59ugHxEWQrNRxrGqIAlWv2oTWY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://playcs.yikm.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery function| _0x5721 function| _0x1da683 function| _0x551b7c function| _0x198127 function| _0x1e5898 function| _0xa57a9c function| _0x4fb5 function| _0xf671e function| _0x176c70 function| getusers function| kickUser object| _hmt object| google_llp number| google_lpabyc object| googletag boolean| _bdhm_loaded_0ff039a569d6695a2ce69332cd833f32 object| mini_tangram_log_jpqkbj object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
.yikm.net/ Name: __gads
Value: ID=7fcd8334314894ba-2293961cacdd00cb:T=1682397964:RT=1682397964:S=ALNI_MYi_vL6ZNratsxMZEaAv0YNCHy0Cg
.yikm.net/ Name: __gpi
Value: UID=00000bef91fe053e:T=1682397964:RT=1682397964:S=ALNI_MZbPhBPmw6DCVaHXhR-GrmB3EwPxw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 4519ACAB80887E86
.doubleclick.net/ Name: DSID
Value: NO_DATA
.playcs.yikm.net/ Name: Hm_lvt_0ff039a569d6695a2ce69332cd833f32
Value: 1682397966
.playcs.yikm.net/ Name: Hm_lpvt_0ff039a569d6695a2ce69332cd833f32
Value: 1682397966

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.staticfile.org
fonts.googleapis.com
googleads.g.doubleclick.net
hm.baidu.com
img.1990i.com
pagead2.googlesyndication.com
partner.googleadservices.com
playcs.yikm.net
playcsol.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.235.46.191
163.181.56.170
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
61.160.236.93
64.64.249.2
0e0de2bf4ac15ebd99d82e34bfaa144ecb3e6d71c181690a3a2ca1b2a6679417
124896d0d7067498bb9c7eaf4065fffe65a18d69cb47f8ebc12710810be970b5
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b41a8f0b959a5d258e344b05783338f1286caa3d9e83c34478ea36084dd18cd
2a5a01c98c568988b5ea986cfbd3c34d8f3e5a0462606ea745808de7812da215
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34a2a91df1ea246a4b9c235a36b39be41aa88900231625a54052830986a8e26f
3a69ce02fd5678856cbfa2570fb4a61396ed3ffe900bd1c5f778e7672b2e2aee
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
410d70158530be648ec258902f2b81d81d331c61eac5107c74c8ce6195a22695
471a52e9ddb5b3b9e7d584857d60f65cc3050fcf4add327a9eeb93dee940db4e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5c1110a5c13872734b494c7c9b589e30b01b99f779d16aee311ab828cb4e1df6
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e51e2b45543acd28b12fa04a3e98708a7524b187162c2dc638198a092924c8d
7764969e552b83982e6388316606211ce35735bcd2dae7b82509fc8c6858a031
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c4dac3aeec35ebe83e584037539b4414022295489192f91412138bc0d8696c7
7f3119b2807e3158f5e0db81344c9fc84fde61fa830860c5d8b1e2dbd6ac4842
801a3dbc629d8a7dcd6831945958766f4a29cbf6c76dbada68da0380175e9be6
808f8bc48b32aed870131d6778213ef8243bb9ff73c803ac193da27613f94573
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b51739ae5c677539894f2daf0f8aea0e8e497c258702782e03a28fb941d546
abaf03545a14e06ddbed45661810f90c00e836fcc5aa904f79c8880456ab874e
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bf007abacad91883025987c075279b565fa51e1990992da742e64d9b464d28ae
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cc20714fb078dae243e4a4e563fc06ed133efb3ce9836929bb31abcbde1660d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db5307fdda9a09e78038fcdcdc7041672cb97e2b6aced6cdc9fdd25d3601330e
e0f691861b0a191f0b8e557a342b05de89a3c81cf9e17033413895d808f5c802
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6021642bf72a21003c1478df64d6006d68c7a239f06c26a0a7224fa94186b8f
ef4656ed5c8833a35c6160e384b77a2de4c8462da2fb86b68e432a78c67b0530
f2b86ea7fb021e6b7da9cc39318dd778729f975df7c16c46d03fcd7568a959ff
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f7b285dad3a08b17accaeb3edda2c0663a7e9fc8a09bd040e80c09b5cc14df2c
fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf