www.csplague.com Open in urlscan Pro
172.67.128.64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.csplague.com/
Effective URL:
https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Submission: On January 09 via api (January 9th 2024, 11:13:52 pm UTC) from US — Scanned from DE

Summary HTTP 133 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 11 domains to perform 133 HTTP transactions. The main IP is 172.67.128.64, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.csplague.com.
TLS certificate: Issued by E1 on December 16th 2023. Valid for: 3 months.

This is the only time www.csplague.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.0.200 104.21.0.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	172.67.128.64 172.67.128.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
3 11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
133	15

1 104.21.0.200 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.csplague.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 172.67.128.64 (United States)

ASN13335 (CLOUDFLARENET, US)

www.csplague.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	csplague.com 1 redirects www.csplague.com	216 KB
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	590 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	156 KB
12	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	184 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 fonts.googleapis.com — Cisco Umbrella Rank: 115	40 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	260 KB
4	yandex.ru 1 redirects informer.yandex.ru — Cisco Umbrella Rank: 56282 mc.yandex.ru — Cisco Umbrella Rank: 2266	58 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 648	17 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	1 KB
133	11

	Domain	Requested by
49	www.csplague.com	1 redirects www.csplague.com
27	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	www.csplague.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.googleadservices.com	www.csplague.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
5	mc.yandex.com	3 redirects www.csplague.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ssl.google-analytics.com	1 redirects www.csplague.com
3	mc.yandex.ru	1 redirects www.csplague.com
2	www.google.com	1 redirects tpc.googlesyndication.com
1	stats.g.doubleclick.net	www.csplague.com
1	informer.yandex.ru	www.csplague.com
1	ajax.googleapis.com	www.csplague.com
133	16

This site contains links to these domains. Also see Links.

Domain
csplague.com
metrika.yandex.com.tr
www.linkedin.com
haliskilic.com
falloutfits.csplague.com
gif.csplague.com
wallpapers.csplague.com
wallpaper.csplague.com
www.teamspeak3.gen.tr
www.vbulletin.com

Subject Issuer	Validity	Valid
csplague.com E1	`2023-12-16` - `2024-03-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Frame ID: 5A7AB3427F10290526B1D7F00D836F26
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: E197687431811A849027F0F1DA211072
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&adk=312923266&adf=3408293436&lmt=1704842027&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027405&bpp=4&bdt=769&idt=208&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4227252849199&frm=20&pv=2&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: 3F6400452D663131F6848CBAA9DB7AB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&h=280&slotname=9280141763&adk=545678459&adf=1249838384&pi=t.ma~as.9280141763&w=1200&fwrn=4&fwrnh=100&lmt=1704842027&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027409&bpp=1&bdt=773&idt=232&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4227252849199&frm=20&pv=1&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=237
Frame ID: E2CD8F8C91F6F292E9D54D32C351BB2B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&h=280&slotname=1317891267&adk=4049665865&adf=477089168&pi=t.ma~as.1317891267&w=1200&fwrn=4&fwrnh=100&lmt=1704842027&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027410&bpp=1&bdt=775&idt=241&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4227252849199&frm=20&pv=1&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=244
Frame ID: 914A959BDA4C067ED5A5E28FFC8CAE90
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: C13480DB54DE737FBC266208C74CD5A3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: BED68F09D38299FA927583FDDBADF7DF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 6CDA18F78848554CEC9B30AC377C4988
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 37579F4FD787D81EFC25F1A9EE144455
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400
Frame ID: 17365D1655A6404192F3B026C2A7BF40
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C34563A1F4769F7674BF0CB9784C5F34
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 6D2CFD04B3341B5325200E5FDDA90B30
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: D490F2361A36613195092F0950AE07AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 111A1445BC1714420C8569024F612C85
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE5C87B5ACC8380997C8FC7C99894E16
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Türkiyenin Counter Strike Forumu

Page URL History Show full URLs

http://www.csplague.com/ HTTP 303
https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/yui/|yui\.yahooapis\.com)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

133
Requests

95 %
HTTPS

80 %
IPv6

11
Domains

16
Subdomains

15
IPs

5
Countries

1521 kB
Transfer

3898 kB
Size

31
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://csplague.com/
Title: Counter Strike

Search URL Search Domain Scan URL

URL: https://metrika.yandex.com.tr/stat/?id=44798791&from=informer

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/haliskilic/
Title: Halis KILIÇ - Embedded System Developer

Search URL Search Domain Scan URL

URL: https://haliskilic.com/
Title: Halis KILIÇ

Search URL Search Domain Scan URL

URL: https://falloutfits.csplague.com/
Title: Fall Outfits Blog

Search URL Search Domain Scan URL

URL: https://gif.csplague.com/
Title: Blog GIFs

Search URL Search Domain Scan URL

URL: https://wallpapers.csplague.com/
Title: Wallpaper Blog

Search URL Search Domain Scan URL

URL: https://wallpaper.csplague.com/
Title: Wallpaper Blog

Search URL Search Domain Scan URL

URL: https://www.teamspeak3.gen.tr/
Title: Team Speak 3 Server Kiralama

Search URL Search Domain Scan URL

URL: https://www.vbulletin.com/
Title: vBulletin®

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.csplague.com/ HTTP 303
https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10243.WIPC42J95uJbakoR9hTpQmKzikxYBnTlMB4ucU8Jbt8pSrQUnA_kz4_EHPIx8bpN.i7QSbPmd_t2YBeqffCpKoQ2L5fs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10243.cdYNLKu3n2508INcZnRexRvXVpgladR87Fr6JWy86yzEfVAXcmLOw13dPt51o5m6U8e7hQlHTcfmGNToVdhEoFH_6DURxB9jSxGwXtBRH0_uD5nEf5JYlSoDc3LWDYuTCyP_HLFT6xMzvpk0XlAiFuFj1XlmX9Pm9wcQYDoqCIsUDHCWsFaNN3iI8AhiK9AkVdmgUQUdiJl8LEp2nupZ96c1zaLsXfHgxn4NCqs85uM%2C.9SS-_EFbBTKkaQlw0LauLhUdekY%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.5OJDEl1ylapSxKOY_GYvS5Flj6v1LnzeP9B-GxVlc4CQEppdUMyWlvXQO25VwksXQDcUraLc9qKk0m4ey8l35bO685NajcRR4IwDh3HbPzLtS6RBp40VxH4qX-ytY21-_K0uTyaNnDUCPPvGmc6hFRevG8oW_rH-rqOZRsRTg2lU6o8jwNdPlsUG7PFpJosfP-ZVvMnTObpNdjkM_Fic3A%2C%2C.-GZbne5ib786_sUVLMB1l8tV7eA%2C

Request Chain 55

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=724189074&utmhn=www.csplague.com&utmcs=windows-1254&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=T%C3%BCrkiyenin%20Counter%20Strike%20Forumu&utmhid=567063201&utmr=-&utmp=%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&utmht=1704842027343&utmac=UA-89439016-3&utmcc=__utma%3D65603697.159196014.1704842027.1704842027.1704842027.1%3B%2B__utmz%3D65603697.1704842027.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B%2B__utmv%3D65603697.usergroup-1-Misafir%3B&utmjid=2030565254&utmredir=1&utmu=qBAQAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-89439016-3&cid=159196014.1704842027&jid=2030565254&_v=5.7.2&z=724189074

Request Chain 58

https://mc.yandex.com/watch/44798791?wmode=7&page-url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1246340881979%3Ahid%3A253314059%3Az%3A60%3Ai%3A20240110001347%3Aet%3A1704842027%3Ac%3A1%3Arn%3A32802625%3Arqn%3A1%3Au%3A1704842027278165129%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C102%2C491%2C1%2C271%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704842025769%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704842028%3At%3AT%C3%BCrkiyenin%20Counter%20Strike%20Forumu&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/44798791/1?wmode=7&page-url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1246340881979%3Ahid%3A253314059%3Az%3A60%3Ai%3A20240110001347%3Aet%3A1704842027%3Ac%3A1%3Arn%3A32802625%3Arqn%3A1%3Au%3A1704842027278165129%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C102%2C491%2C1%2C271%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704842025769%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704842028%3At%3AT%C3%BCrkiyenin%20Counter%20Strike%20Forumu&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 87

https://googleads.g.doubleclick.net/pagead/adview?ai=C9VPmK9OdZaP1Kcbg1PIP-ayAaKDb5ItqpIqh47ARrgIQASCkzoUkYJWCgICwB6AB3M6WigPIAQmpAuQiJpgBWLI-qAMByAPLBKoEiAJP0GUT8Eb5VT7NSSg8NG55geBjw4UEzcx2cRcslG6rHDpUwJwNKv_F1spkYW0iPIuaF5EbzwnzPkCG7_Ox18oSg15mSmVPTrRLWqAHPiIl5Jfbxw5L3VtlQEivTe3rHgrIuxyvdOA_R-wy2L14_z7BqMOZOHyQggJBp-etGp0c9XDWUcOO5mUhpdwbJXuzN9b6fZj0Eh3W2YwNKiGqh_8-kI6Ovk0oKKo1BZQGXkyhgzjha8pmzhG3F4CyH_tUPtmKNq0h5Z1b4nVGsyeNM6_Ie6RpYVub_vwNmFFW8f4Tk_ERI0xXg6CVW5QVjiKMohY-IE0QKq0TxtAsvPNpIzW3TSZPRJjbYvnABOCOvYjFBIgF3cz55y6gBi6AB4yx6XWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCQ3gPSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJec1bu30YMDmglMaHR0cHM6Ly9iaWtlbGVhc2luZy5kZS9ibG9nL2hhZW5kbGVyLXdlcmZlbi1iaWtlbGVhc2luZy1zZXJ2aWNlLWZhaXJuZXNzLXZvcoAKAcgLAaIMDCoKCgisurECu7uxArgT5APYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjgzNzQxMzU3MDQyMjE0NxgA&sigh=C36lj-MYkY4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_gAJWMDoeixccOAaBs4c7tYYCEQ3zE6NKVnNAoqcGiDUtunPFlTdTvgY7LaO_1lxIiMh-1pQmT7pUeb3QlABSUTSNtULl8RakK3oYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053266038831068039%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22826648412%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215646441209455739889%22}&andc=true

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=CrDZUK9OdZcC9KYvh1PIPyayskA-g2-SLaqSKoeOwEa4CEAEgpM6FJGCVgoCAsAegAdzOlooDyAEJqQLkIiaYAViyPqgDAcgDywSqBIgCT9AcfWugZVvzS_ibY0qzV-WAsbMiGv18-U8uiWbq5M2tfkYtCFbz7eZe80aPP9_RYnWXsKx1T6ur2rh7WTPf0UCUFnvAaVvzT0wqF2dcdNJ-UBLhpkBcydfQUyBhwvPiwZPqBc7-nsMK0YVtGpMP0alU4y66HySqVYC6hmibxwadYkaZIWidPMNLguSwE09BaHjK5kRRDz26-EQF_vN7JSm7RxJwszLJXJBx48AGbkvXKUJzZfCwbCUHQMq_PGDa5VE0bnYrSEIuyzKmGgxr99VaVMcGQAfXAUk8N71FCFXNIwApYrx8BtgFCELQbLw65Bt8SEmNiQUaHwOsZX_FCvYqv5nw8GvDwATgjr2IxQSIBd3M-ecuoAYugAeMsel1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQoekU0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliO49S7t9GDA5oJTGh0dHBzOi8vYmlrZWxlYXNpbmcuZGUvYmxvZy9oYWVuZGxlci13ZXJmZW4tYmlrZWxlYXNpbmctc2VydmljZS1mYWlybmVzcy12b3KACgHICwGiDAgqBgoErLqxArgT5APYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjgzNzQxMzU3MDQyMjE0NxgA&sigh=f883dSRoOSY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_IDGO40A37R9JOWyYuwm0WgaSQ0kJOUmSvTrZWnhgMzau53ektE209mVohpOdLdCehZvFpOKo_pSLRD6NjN23nW7RUcxJ-yvFbxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226856971360816133934%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22826648412%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216304811685979011121%22}&andc=true

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbhv5K9OdZbuuLaHnn88P89uy2Ayg2-SLaqSKoeOwEa4CEAEgpM6FJGCVgoCAsAegAdzOlooDyAEJqQLkIiaYAViyPqgDAcgDywSqBIgCT9BpWX10j6UQ6vlvIIVgcCmDMygrpoN-ojkFOLRqHStM_5IVZ3r7kIIN1-0D9tIqCgXNkq84YW87QszdoOGajVWCpah7dr-iWPys1MQcj21UBNS_0b4gOANRDW-H0LgMj6RkLxX2gJrKwYhzty5fLnWa2UMp3FbMlo_9Bpo6cu0nIwKM3I6rIeyv42xca36lGfm9SXTVopepKFhd_wXjo26nZuRLDpjik1ami_S9la-U3xDP8WlU-AUvNO7X3EEIR0W4xQLAwxIAaxF1B1pldXC5VZkSpi4-6w2lDZ1X6Cld9Pr-dVVntwWGvBKoQH6Legvy45CuVvvsRkN3Ajm0clq3eXc5e8S7wATgjr2IxQSIBd3M-ecuoAYugAeMsel1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQl9EV0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljHtdS7t9GDA5oJTGh0dHBzOi8vYmlrZWxlYXNpbmcuZGUvYmxvZy9oYWVuZGxlci13ZXJmZW4tYmlrZWxlYXNpbmctc2VydmljZS1mYWlybmVzcy12b3KACgHICwGiDAgqBgoErLqxArgT5APYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjgzNzQxMzU3MDQyMjE0NxgA&sigh=zq2QqJQ9H0o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_mt6qRgJAzjzzrZV-EviXJdOagr4gU6oRurhR-f8x_jb6-sZiVvkPH3ui1Z1X8QgSBDZEc4mhdTM0JYYmDslFixsfqDWP_izj3BgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226043422347108363232%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22826648412%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223789797180447913105%22}&andc=true

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request forum.php Show response
www.csplague.com/
Redirect Chain

http://www.csplague.com/
https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

99 KB
15 KB

593ms
491ms

Document
text/html

172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e68e651d86a3a60741e5d299fdf0923e31bd052fd0a8f3bbe924e92c29d3b17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 84305f6789dbf154-CDG
content-encoding: br
content-type: text/html; charset=ISO-8859-9
date: Tue, 09 Jan 2024 23:13:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: private
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADb%2Fj%2BVbRV7emqH%2F826FQqs7OxGJ3MZ97RwUjpnLlQlgabzHtfEOD%2Fyxj9SW4RhrfRMHCgGr7EINTCD85qlxMr47Us1uOZLLoEWsLkKxiUVxEhubsDxYFEg%2B5sycwo0tqtZx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84305f65a840b724-AMS
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Jan 2024 23:13:46 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnZEnm6KaxeXR0OborVY7Uh01%2BX4AXHiSrRnql4ddhnRtRe1xwFnA%2FSF5UwFSKdnpeHoW0IbH%2BiM5axP3nm0eD9i6UUus490tx88fseeNmAe7LOA0u1KVRkZfs8BHV1jDNK3"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
location: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
x-turbo-charged-by: LiteSpeed

GET
H2 404 yuiloader-dom-event.js
www.csplague.com/https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yuiloader-dom-event/ 0
0 239ms
236ms Script
text/html 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yuiloader-dom-event/yuiloader-dom-event.js
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rne5XwvicRUZUQ3nepp5lyPwezPGOWn8LmCUJBJEVvGfwgpAZfOQEtLJ7G3eJ0PnIUcZNbmU5IDOps6aAQHmkvsMAYf5mmZv84%2FHuWP92OJ6SLv4gKY0FwOSxaBYTKMMGhEE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadbaf154-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 vbulletin-core.js Show response
www.csplague.com/clientscript/ 50 KB
15 KB 241ms
239ms Script
text/javascript 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/clientscript/vbulletin-core.js?v=420
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2eee6db5b0cefc775a78fed85b40b9ffce811ec56d34e239172228a2bcf696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 17 Jan 2017 16:57:41 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=51931
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayR13g3Ggm%2FoAnjSzREyk5cBHLS1kOK4R2DwO0xVPy8Ygko%2FT7suHAVvpqbN5H%2BmYPoZldJcwHcw5d%2FbbIPKBWV31%2BIdCGyYmKz8f%2Bee4nk0KAuKynUX8Y32XQJQLtXQoxuN"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadbbf154-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css.php
www.csplague.com/ 89 KB
18 KB 156ms
154ms Stylesheet
text/css 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8281f11037bd7cbf83bb7de917fb92f7d61710d944c29e10fb89b83eca40bde2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 18 Dec 2021 12:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB7%2FPDB0SALkBRDGDUnycHT8nMJOL8kooom4TmIywDd6qVDz9eBDL9t9%2FQ2LIhnnMXyRWt63tyHqXYYpHVPFFbel8%2BshGtqGrXWbdHwbuPBL7NRJzS5Kwn4t0C%2FiZUINOwTj"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadb9f154-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Jan 2025 23:13:46 GMT

GET
H2 200 converter.js Show response
www.csplague.com/ 27 KB
10 KB 233ms
231ms Script
text/javascript 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/converter.js
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85fc6dd3edb453cd807413b7f2a1bbe9b9c1a5b4128d308cde837bdd8545a6fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 11 Nov 2017 22:30:17 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=29474
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Fv%2Bpslu%2F53j%2FW5cOc6ea7E88dd3DBtzt%2F1sjLCm7jYbE2Ow9%2FJIiLoOZg%2F01qmobxFb3eKmZyIL93vvNx5c8bkD6igjUCzhoh%2FU5vjhEJc9OSx9lRUK%2FioqdV%2BKO6U%2FubYL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadbdf154-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 188ms
101ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d4ba93d58e93dbbd63d35fc2957faf6d64fb14615cd0b08a6ab850321a8c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51498
x-xss-protection: 0
server: cafe
etag: 6102874869155186360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:47 GMT

GET
H2 200 jquery.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 118 KB
35 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.js

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233a5d16bee5a64bf3bc19abe3cc812a1e0619435f01c163f628773a469ff719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35375
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:14:40 GMT

GET
H2 200 vbulletin_read_marker.js Show response
www.csplague.com/clientscript/ 4 KB
2 KB 235ms
233ms Script
text/javascript 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/clientscript/vbulletin_read_marker.js?v=420
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2dc665f328e0c828935290078bcb2d3a0df9c5c93b30e2242c78221513e7e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 17 Jan 2017 16:57:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4446
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h%2BHQWXV1VWkzcuk%2BJKOJc4ITYAaK7MAE%2BwR9XbbSzhQbZ7adlG%2F2%2Bjk%2FHYbyg6rrIC9HiygC1%2BEYwV%2Bd2RjF42m7Afb01YylgwzWl7LdmrFbfPczuz2sVM7gmRAOTIM3zLz"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadc3f154-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 css.php
www.csplague.com/ 14 KB
3 KB 276ms
274ms Stylesheet
text/css 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90403799c6188fbbba6073533195f94ddf48fc9e63ad735e58742177fa00879b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 18 Dec 2021 12:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iig8rPtweds2bxUDW9DUAxOuNiaGIXBqV3cW5N8CBfO3%2BglKYMD%2Fg1PtfE1aKtYZ3HTp%2BJjv3ZgNTdNhpLlAWNUYB%2Fj%2FUDIORAI7shj9VXTTiLUCDlvlvBLYkwz0Q6sCZM%2FG"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadbef154-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Jan 2025 23:13:46 GMT

GET
H2 200 css.php
www.csplague.com/ 22 KB
5 KB 261ms
259ms Stylesheet
text/css 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63af4ce8f8bcebe69cb3f81f4c253418c326ceb06496b2f7059642204df29875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 18 Dec 2021 12:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FN%2FFxAoZxq1unk8BZLzaArV6PrBBYgbhbAQBf8oGyU3HfsByPkMV5XqbYybtV5Dyv92fj8%2BG%2FJrLptNALcpRKVztSUuz3v5KjJdtOY9JpDTv%2Bt0aUpy0uVhRi%2BNmjpyCvCgR"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadc0f154-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Jan 2025 23:13:46 GMT

GET
H2 200 css.php
www.csplague.com/ 2 KB
599 B 284ms
283ms Stylesheet
text/css 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=&sheet=forumhome_sub_forum_manager.css
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d068637fee540aa04315632748882690c92d70fe4412966ba3435100d550cad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 18 Dec 2021 12:52:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrMwa9atoFzR5AEaAe%2BtLBKtMyQR8p6QbggyqplrG7OvOUyGYUEjw1on89zEsAEP9KryZkqbmIol5P07UwkI44ZMkhybRlELKcPBL14y5mC1qhFb7F5P6m0bW4BsdZe1BGK%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadc2f154-CDG
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Jan 2025 23:13:46 GMT

GET
H2 200 vbulletin_md5.js Show response
www.csplague.com/clientscript/ 5 KB
2 KB 233ms
232ms Script
text/javascript 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/clientscript/vbulletin_md5.js?v=420
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e4ed9f4271f22c3bb4405155731f16c131e71d4c752060017496c0bbd2d5c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Tue, 17 Jan 2017 16:57:50 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWgfM4%2B5sD4SQZ81yMTWpFoJTEcSBSpjWe5pgxuNcYt5OCem97j2ZpWkfGxfc1ADNxNGQeUy4fYQry0zVZRi8ZQIUu24r11I8hoL9V%2BrtmZDOKcF0Vd7%2FyWmekhfofl%2BxbHh"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6aadc4f154-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
www.csplague.com/images/primus/blue/misc/ 29 KB
30 KB 58ms
57ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/logo.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5074ce08145a4fd062816be25171706ceeca58a8f2a4e7ced6935ad620d4121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 198233
alt-svc: h3=":443"; ma=86400
content-length: 29960
last-modified: Tue, 17 Jan 2017 16:41:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJDpAsI29Ty814jvF4lRhdROMg%2BT42JJT9hVJCqlMmyf9%2Fu31xMT%2Flpg0Al72dc9VYJ9DzhHATJhO%2FK4htf1iedKKz365x7s0R7nTE%2BHKQtuOPz%2F7Qa1yrfZHhEr1X1o9X7Q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6aadc5f154-CDG
expires: Sun, 14 Jan 2024 16:09:53 GMT

GET
H2 200 navbit-home.png
www.csplague.com/images/primus/blue/misc/ 268 B
596 B 102ms
101ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/navbit-home.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf0b64f8cc9169d0158b5432e8e99db70a5c011bcd331015f3d07742eeaa641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 364770
alt-svc: h3=":443"; ma=86400
content-length: 268
last-modified: Tue, 17 Jan 2017 16:41:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYA2uqYx%2Bs2n8UBFEr6ibX1rbtGeSNmE4h4czr2AjHVwZv3YmbBvagc9mxt2dwGzOUehnafVR7bqYXRuoQ2p93zk7ekFLx7P8Uh%2BB4XF%2FhKFPCJPPUf%2FI%2FWWXRtlEuGFo6v3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6afe06f154-CDG
expires: Fri, 12 Jan 2024 17:54:16 GMT

GET
H2 200 collapse_40b.png
www.csplague.com/images/primus/blue/buttons/ 917 B
1 KB 56ms
54ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/buttons/collapse_40b.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df8dd5d913aa3ef7db2b23730fb7535aad1e9e92a20e66114de8bec0ac9739e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312243
alt-svc: h3=":443"; ma=86400
content-length: 917
last-modified: Tue, 17 Jan 2017 16:40:34 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taHB%2BonbjGheu%2FAjAZ6l6B5cZvlVh0CWY21cL0FVBULk6R5ueQF7MRdEl2qHhynSM1%2BEs8%2BEUGHexKd8AX65ZXmjfNZMvTTtNZidAVbyxjR8toQaE9IatILVHzDvBx0Zcy4F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6b0e10f154-CDG
expires: Sat, 13 Jan 2024 08:29:43 GMT

GET
H3 200 forum_old-48.png
www.csplague.com/images/primus/blue/statusicon/ 3 KB
3 KB 51ms
50ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/statusicon/forum_old-48.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476a49b5d8f5c7e06bedd4c39154c10a51d8516a8258126efb6c0dc4a5390d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12520
alt-svc: h3=":443"; ma=86400
content-length: 2851
last-modified: Tue, 17 Jan 2017 16:41:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ3KyB%2Fk%2B5xTZY98cnKVPC0xDukdNTNETyQeOgbFX6dlrvirjNp16vTF4hwbuBIOXpv%2FTvWO1WQjhL2DH3TrkeHZ6qCuxe3o07XJ7pcfApoR4k8QLpoIxHuyCYrkZttUWUBc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6b48c76610-AMS
expires: Tue, 16 Jan 2024 19:45:06 GMT

GET
H3 200 subforum_old-48.png
www.csplague.com/images/primus/blue/statusicon/ 254 B
753 B 50ms
49ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/statusicon/subforum_old-48.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21050d1e2217b2e12905dfd29b1e064a8615eec49e5c3c78f28d5ef00214bca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281618
alt-svc: h3=":443"; ma=86400
content-length: 254
last-modified: Tue, 17 Jan 2017 16:41:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0maiofNicNQYWm09O4WDUOx20Mx8%2BfiOXlT3AaWJuqr0jmr%2FnvowEYJeHZAtTGOwfm8lfnlov%2FNoEuN3v6a72iQSkLgMIgf2WO6KMCvN7%2Bs1QYEu%2Bg63bZwQU8wfUgQXlX4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6b68fc6610-AMS
expires: Sat, 13 Jan 2024 17:00:08 GMT

GET
H3 200 icon1.png
www.csplague.com/images/icons/ 594 B
1 KB 51ms
50ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon1.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270b5e8ce16893ddd2004ed6360b62b675136c6b9a667adc286a27df0a326b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424329
alt-svc: h3=":443"; ma=86400
content-length: 594
last-modified: Tue, 17 Jan 2017 15:55:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ib709sS9JdtsfWm0oBiQvy%2BKvQhFPvRtyDNCWTy9bq8dC5eJNRgpaUAZjcnpHrvLQ1Ea4TqNlap7GX3KpnFEuSXlg8tnlcr%2Bf5wcuyXEYDQ3w7L1k%2Fw22G7x%2F%2Fw0B%2BpgkHDQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6deba46610-AMS
expires: Fri, 12 Jan 2024 01:21:38 GMT

GET
H3 200 lastpost-right.png
www.csplague.com/images/primus/blue/buttons/ 401 B
902 B 95ms
92ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/buttons/lastpost-right.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85ebcdc2edd25617bf3d095c11aa12809e582afd6674b6b86b383b4d18bd37e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424329
alt-svc: h3=":443"; ma=86400
content-length: 401
last-modified: Tue, 17 Jan 2017 16:40:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP%2BSkOOTspR6brceX2WdLKzLSgR47h2Bh8PXBsMtO4UnIBKO3Lv%2BfxGRLcDwtTPf3JLo7my4eKmV25Jx9tla%2FzEo%2FteSydFuPtGO%2BNIlOXCavdpXKNp9aPInBslwW8%2Fv3jML"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debab6610-AMS
expires: Fri, 12 Jan 2024 01:21:38 GMT

GET
H3 200 tanit.png
www.csplague.com/resim/ 15 KB
15 KB 53ms
49ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/resim/tanit.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc29375c4f0bff0ab91c83998924394345dd5a85dd4611c3c2504ea112caa0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281616
alt-svc: h3=":443"; ma=86400
content-length: 15127
last-modified: Tue, 17 Jan 2017 16:51:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5TNBO6I1lV2C3H6WdA2JeLhSGeXzXOCoZg8v2cxPR%2FxuyG52%2FVgaVJffelZvB%2Fpf8lZt%2FcfxqSV4bLZgqHVv0V24GUs3XnQcFsyQN8Ch87X%2F0A254uL1CiES6tlSrmkbvs6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debac6610-AMS
expires: Sat, 13 Jan 2024 17:00:11 GMT

GET
H3 200 icon6.png
www.csplague.com/images/icons/ 804 B
1 KB 54ms
51ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon6.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494018c616ebbdd5473882a029aab7c72e0d1b76e353314cb68037b7c1472e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 500507
alt-svc: h3=":443"; ma=86400
content-length: 804
last-modified: Tue, 17 Jan 2017 15:55:13 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anJDItOn7VkvbwrvObLzMiduDM%2Flrbw9xLcW2j3MG2KBFK%2BBslPaCmcQG%2BdFCo3c3jvKgPg1VhgaGHzL1EdecNPLlY3iVCTiwAIO9CDzbm73BDqOfa22RqsQamvnzHBkN976"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debae6610-AMS
expires: Thu, 11 Jan 2024 04:12:00 GMT

GET
H3 200 icon10.png
www.csplague.com/images/icons/ 766 B
1 KB 55ms
52ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon10.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467db4fa5df25fbb4b47a75961f5ff7474166c3ec35f78b86b8217e51546d61a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281613
alt-svc: h3=":443"; ma=86400
content-length: 766
last-modified: Tue, 17 Jan 2017 15:55:10 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wiTKb1oINGnkkryz9HMPRxuSLhlx1C7lmmHm7KYeGzx7KypDYeX2hpyTAn%2FkHx6Xh3q6ogQi002JpFWn%2BECnyGA0B8FpLSlg5F%2B0fwSiTm8S3eBFeZe%2Bz7QlI%2FH7TE8GUC1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb06610-AMS
expires: Sat, 13 Jan 2024 17:00:13 GMT

GET
H3 200 icon14.png
www.csplague.com/images/icons/ 589 B
1 KB 54ms
51ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon14.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad6278d6108066c2a49c520488a487c94d41efefd1a5dc52efbf132c3292845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 461263
alt-svc: h3=":443"; ma=86400
content-length: 589
last-modified: Tue, 17 Jan 2017 15:55:11 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIlGEYuAMXX4cXD4TjJQDYjAn3BHsX6IEC6PyYhc98RY1lZlNx0r6JQoi%2FfUZ%2Baw62dgOAS0scX90%2Bvks7iZ6S9sCY25xRPzmKKROG7o51D5LTPUP0tlr1xo5XjEaWpNfKJG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb16610-AMS
expires: Thu, 11 Jan 2024 15:06:04 GMT

GET
H3 200 icon2.png
www.csplague.com/images/icons/ 549 B
1 KB 55ms
52ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon2.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80497890550b179159751751c29751798cd794d4740d50a60dea16a8b222070e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358198
alt-svc: h3=":443"; ma=86400
content-length: 549
last-modified: Tue, 17 Jan 2017 15:55:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7A0ZaU7saEXhZkXMExBFpayD90QYkV3w%2Fdq%2BzcCNH5RW4anQvrCLmIgZbDAjciGGnDmID6UDmvUZH%2FNx%2BJEH5ueUngLGFez72hBPyPAPZHNvU3pgXQSpAcTTv2lJXwinkfp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb36610-AMS
expires: Fri, 12 Jan 2024 19:43:49 GMT

GET
H3 200 icon3.png
www.csplague.com/images/icons/ 729 B
1 KB 55ms
53ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon3.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 474e6699b0b4012e842f29e3c97746b92b77a327106d7dd6ff432f424f2a7172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348309
alt-svc: h3=":443"; ma=86400
content-length: 729
last-modified: Tue, 17 Jan 2017 15:55:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Xop0zu%2Ffv1gA4igjUS%2BL7qpiP%2B0vWv3gYFbGDGTgK5GjLcOy0N2D2KuxrjNuiNS7klF9H%2F%2FtpLO3lAdBgMQunoENVMPtPiLV8lelRlxqresQn1z0qUrj1zSTzDF2QUMF8x0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb46610-AMS
expires: Fri, 12 Jan 2024 22:28:38 GMT

GET
H3 200 icon9.png
www.csplague.com/images/icons/ 738 B
1 KB 53ms
50ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon9.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e1377460306289cbb87404c8c391220e05f39a434d7026e728384321cba1388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281610
alt-svc: h3=":443"; ma=86400
content-length: 738
last-modified: Tue, 17 Jan 2017 15:55:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiN4GE%2F9Ppb63UmWmwwXIeuOWWZNIfMwRtAwP6vU498rs6GdERCgKRpiPNqDKrOPRuOua7FbQfFSqkD1CSiPyuATDyY8df8U5hPKwOjNXK1FjtonDlm6JX1Ox08UCiRORhbx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb56610-AMS
expires: Sat, 13 Jan 2024 17:00:17 GMT

GET
H3 200 icon4.png
www.csplague.com/images/icons/ 752 B
1 KB 95ms
93ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/icons/icon4.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac9c76742a0c13a8c3f028818bbb637635efacf78bcc2f1a642ffd01a7c760e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 527743
alt-svc: h3=":443"; ma=86400
content-length: 752
last-modified: Tue, 17 Jan 2017 15:55:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcCnKi4D8ihwL99bm%2FeoqmslqJkjc46%2FikmNlAnePArcr7Zl0rjJjLHGOKIkXhfaiFGY2FXK6Fjw0mUXyD%2BlTSLt1oF%2FbDczBBrl6RyqJaBVH8uHM%2B%2F0JLZs7IuiiDHKnpCs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb66610-AMS
expires: Wed, 10 Jan 2024 20:38:04 GMT

GET
H3 200 forum_stats.png
www.csplague.com/images/primus/blue/misc/ 323 B
825 B 96ms
93ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/forum_stats.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f550b71b9d9ec77b8fd2f1d94c74309d9cd778a6c7dafd5f1f47a874fe3d6b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281609
alt-svc: h3=":443"; ma=86400
content-length: 323
last-modified: Tue, 17 Jan 2017 16:40:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaogsevO15X%2B%2FYi9fbU12aGAxV3Int44h%2FDjJ%2B3av8zEBUuxzR9LDAIleFtFsr%2Fy%2B8C7IZMizNBgk8fzoipZfBNw9%2BKs1Heqf1SiWKqaLnPxSQdgraXptmab721Gcx6a9nO8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb76610-AMS
expires: Sat, 13 Jan 2024 17:00:18 GMT

GET
H3 200 legend.png
www.csplague.com/images/primus/blue/misc/ 235 B
737 B 96ms
94ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/legend.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77e8e8972fd543094f73cd90f4a7409520dbf1c8e0f228c22813ed6f5b8b34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281608
alt-svc: h3=":443"; ma=86400
content-length: 235
last-modified: Tue, 17 Jan 2017 16:40:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIJk8QOo88I1m0U05UGj2zEz4TjjXD5i%2BKoldsKC%2FOfHJ6wpvKjonF3AuB%2FUucDYJk9wZVsJsOegchx7Ia8MqIxlujtKLOEkHy0u6T1VY2jkfYR6K5%2BSapvSFD%2BJPczOWaNJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debb86610-AMS
expires: Sat, 13 Jan 2024 17:00:19 GMT

GET
H3 200 forum_new-16.png
www.csplague.com/images/primus/blue/statusicon/ 591 B
1 KB 96ms
94ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/statusicon/forum_new-16.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d101023d8ad3824d845885dd4d6f995c2502f7dc407920d82fc292aa397afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281608
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Tue, 17 Jan 2017 16:41:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRZPRhMQQGyY%2BhafVY%2FaJM2W%2FfDl1uReXXFlip1ezqYGNcbkMz3OowfVhOlxyplHp%2BN5jM1cTymCxoq5FTYLWOKysVr6V7Xu86hxQwK6cgR2Mc5ezzLqQCJnt7QrybtUjPTJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debba6610-AMS
expires: Sat, 13 Jan 2024 17:00:19 GMT

GET
H3 200 forum_old-16.png
www.csplague.com/images/primus/blue/statusicon/ 459 B
951 B 97ms
94ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/statusicon/forum_old-16.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1583215b5a5ec6136ed35e4a71e76ecf8cedc7d88569644d1871ec6355cdd0af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281608
alt-svc: h3=":443"; ma=86400
content-length: 459
last-modified: Tue, 17 Jan 2017 16:41:26 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Jx1E27dSwXUausMEaqx5Ib7lAmpQFrOuSAFyJpoQ3JMz0FCmnAqHPEVfteoUHaYDQg21UOHnymzfkhQ0mrpaCKezADEtq0Ahc7CGqqjZHhJmvBwcTlbOoV5WKeUMVgqRBnh"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debbb6610-AMS
expires: Sat, 13 Jan 2024 17:00:19 GMT

GET
H3 200 category-16.png
www.csplague.com/images/primus/blue/statusicon/ 538 B
1 KB 97ms
95ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/statusicon/category-16.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df88af128f4db3ea8ef75266da16482eebd63505a7ef4cce72b5d4342d64396e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281608
alt-svc: h3=":443"; ma=86400
content-length: 538
last-modified: Tue, 17 Jan 2017 16:41:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LibnfGmnG32RbF1h%2BHmWXgZjBzFHuNt7C0NjeM3NqJJJj6sgfc90usIuM%2B%2Fh2zNTLU6atTtVDxleAXmpz%2FaW9faqwlFhWgDHeufKK166kbwh%2F0fEQyGkJAbMtUGYmNrwcYel"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debbc6610-AMS
expires: Sat, 13 Jan 2024 17:00:19 GMT

GET
H3 200 forum_link-16.png
www.csplague.com/images/primus/blue/statusicon/ 499 B
995 B 97ms
95ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/statusicon/forum_link-16.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98308bc60e12771ba766f0d0be0a196a6e8cd28d61028f4d6d488a5326ba4229

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281608
alt-svc: h3=":443"; ma=86400
content-length: 499
last-modified: Tue, 17 Jan 2017 16:41:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Be1CA3aYmsLTy4Ooo0PL5K2jpdgHUm8RZg4aNv0IKX0c1VZq%2BCx30u0MSFdEDJKTlE7dB8qlzrg7GpxKY7dNHi9sCGfTcrEEvgr8rynPip7yHYPpBVqU2mYJ1cjcdzJWD%2Bb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debbd6610-AMS
expires: Sat, 13 Jan 2024 17:00:19 GMT

GET
H2 200 1_1_FFFFFFFF_EFEFEFFF_0_uniques
informer.yandex.ru/informer/44798791/ 777 B
944 B 114ms
78ms Image
image/png 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/44798791/1_1_FFFFFFFF_EFEFEFFF_0_uniques

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

de0528711561f43cc2d8e841a54f51ff6813fe1daacafe8ec908f040266f128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jan-2024 23:13:47 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 777
x-xss-protection: 1; mode=block
expires: Tue, 09-Jan-2024 23:13:47 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 157 KB
56 KB 322ms
158ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-dd84"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56708
expires: Wed, 10 Jan 2024 00:13:47 GMT

GET
H3 200 yuiloader-dom-event.js Show response
www.csplague.com/clientscript/yui/yuiloader-dom-event/ 60 KB
21 KB 218ms
217ms Script
application/javascript 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/clientscript/yui/yuiloader-dom-event/yuiloader-dom-event.js?v=420
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0766a3204b8ddb99bf3fe95fca5ea426f5c8fbb19d1cc2ebdcaa29f4702919f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=61619
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 17 Jan 2017 16:59:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUIYfoPZOtVXdXH625eAiKoYse5XAYPr0rRCaRrAzIEDqdVyZAgzQBJqEJAizZqwAold5VhvG%2Fp0yldPq6BEsos5JYgVyqBOvIRDcvFVdVIsR4XG9uzfXPRTX1QX35YSD%2BOQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6c29bc6610-AMS
expires: Sat, 18 Nov 2023 08:14:39 GMT

GET
H3 200 connection-min.js Show response
www.csplague.com/clientscript/yui/connection/ 13 KB
5 KB 260ms
260ms Script
text/javascript 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csplague.com/clientscript/yui/connection/connection-min.js?v=420
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 17 Jan 2017 16:58:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FjXtJ2DMQvtfHkuPlE8zacUfXtNyHLa2KkyaWZ6gcfhpY08mOoxVciYblOgchEOVVBJUjBzpY9p8oFWuV61WXxjkqHBjYdXArmxrvK%2FV6e6d5AGSksT0gzlMFnfcrmYMlBU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 84305f6c29be6610-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 153ms
39ms Script
text/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 21:49:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5031
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 09 Jan 2024 23:49:56 GMT

GET
H3 200 bg.jpg
www.csplague.com/images/primus/blue/misc/ 2 KB
3 KB 97ms
95ms Image
image/jpeg 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/bg.jpg
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232cc562ae9d3ab2b08128f352e616a66da0c79febaf1194779b4a2525437f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 2470
last-modified: Tue, 17 Jan 2017 16:40:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APjkGtejvcZXN1LPbC3K6MWCGLdjC1XEWfsmYQ%2BRhzfZVVl8PlVjYMHyX6PftRKJvKeBnErAjPahZe6pybqv7ynu4hE6LdrCzcoOpe%2BAhKc0tX27PvtiR0lVtthNdNr6Gits"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6debbe6610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H3 200 top-links-bg.jpg
www.csplague.com/images/primus/blue/misc/ 2 KB
2 KB 87ms
87ms Image
image/jpeg 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/top-links-bg.jpg
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0563c39d258abf315bcc33bd76f84b40e8e5bb52c2f144348d9bd94587c85d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281616
alt-svc: h3=":443"; ma=86400
content-length: 2025
last-modified: Tue, 17 Jan 2017 16:41:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOiK8%2FFemsERbbq9R9XbM1fUPKih83HqRI7uF6SvpX2bqOIVKj70tSNG3TrM2R%2FQ91R0cphvMqAIHj8gXJi86zaYfAB75vZh6YAsc381HUozCJhwuk5Irjy6nqs7rZtXtxzt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbc96610-AMS
expires: Sat, 13 Jan 2024 17:00:11 GMT

GET
H3 200 login-form-bg.png
www.csplague.com/images/primus/blue/misc/ 2 KB
3 KB 211ms
211ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/login-form-bg.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6299da15b98b2e26e1eaaeb7746a54c9d5d3211f456b27c4245e9b97ff6069a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2017 16:40:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZ1bEI1%2BtDQwUW7YRn2GYst%2Fcwp3A8Boee6rdowRdVnoI1nJjYPQVmHVTqc4PYMDlSZslPdT25ALgRWrwvFHQYoB0YB1%2FFSLj3mFNmTa9IVnHUECqTLAs%2BghuLsyaouQ%2FsKt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbca6610-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2098
expires: Tue, 16 Jan 2024 23:13:47 GMT

GET
H3 200 login-button-bg.png
www.csplague.com/images/primus/blue/misc/ 1 KB
2 KB 87ms
87ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/login-button-bg.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4c01cac7ba6ce8d9908681f0c5896c123944426a45bf436ee670ce2e7e77b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 1488
last-modified: Tue, 17 Jan 2017 16:40:59 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlPnkAdGDTRIfjDcUsrkAn5ghetwN1mbCkTTSEwBMGcrb8vObQXyUi5txPCGPtKLkdeyr%2Bjmnf8wockmAoAxOipNJKA0csofkqqrd00RiRdTSmXkyO0TQ%2FjwgQ5NgVU4wO5g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbcb6610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H3 200 hm-bg.jpg
www.csplague.com/images/primus/blue/misc/ 26 KB
26 KB 87ms
87ms Image
image/jpeg 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/hm-bg.jpg
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6226548fe52164f899f9c3a0799b67bd27f58864cf039561f3b8a968ab46fdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 26201
last-modified: Tue, 17 Jan 2017 16:40:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u10M7VQeKKbI4aaGzab%2BUqgLpfs3DbCaoLa4LXMpVn8lj126dZocPMW1s49aBBh%2BTmMgSTUtvU8%2Bv3OpPqW1wDQr4rOl1Fjj8jZyhhdabHybffxlBW1YbzZhi6KnppfYLEQn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbcc6610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H3 200 navbar-bg.png
www.csplague.com/images/primus/blue/misc/ 244 B
741 B 124ms
124ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/navbar-bg.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2307457012eaaf3dc044aef28eaf2faa200d2c052eecfb1f147bd1dd8b5b5faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 244
last-modified: Tue, 17 Jan 2017 16:41:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZtptKPeqDoOQ0ElSsiWKHIHw869j2mWGErQHiVW3x6Rqqtsq2zpfnEx2hzL%2ByMghR6IoemKQrXAcwHmGwUv%2F4Z%2FBSF3AWqNWXNgNXUtx8G9KH02Nsv2WOhZNIV6DNRds7WL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbce6610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H3 200 selected-tab-gradient-with-top-alpha.png
www.csplague.com/images/primus/blue/gradients/ 166 B
660 B 125ms
124ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/gradients/selected-tab-gradient-with-top-alpha.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31d6acda3942d761487bd68686baacf467ac20bea549564a0f13e57b99b702a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 547520
alt-svc: h3=":443"; ma=86400
content-length: 166
last-modified: Tue, 17 Jan 2017 16:40:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRWK4MUkv4oNnshJ3cILSmf9a6slzOpAEBXVRP3WacR9h0cXBtySp30hg96Arjt8pQhuNfzZraxTxTE8YHQ4kYX4x%2B0hMu5tuI8iBxWfvoRSGN4wGQc%2Bt7IZ1a9R2m2mAqje"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbd06610-AMS
expires: Wed, 10 Jan 2024 15:08:27 GMT

GET
H3 200 arrow.png
www.csplague.com/images/primus/blue/misc/ 116 B
614 B 125ms
124ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/arrow.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7821af474aa928dbf032a1989000c9ded519a5cb2fd1e095d115627c212d7149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281605
alt-svc: h3=":443"; ma=86400
content-length: 116
last-modified: Tue, 17 Jan 2017 16:40:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poNcdMPI9beh7T1JvAEA9dbVyOZf3c4LHxKngukfiOYGgUMXzuwHBsLoI09wPXxYXOQSXdc8YzKZmBsfe%2Fb9HH7jILUgq9p72NL0P%2BivCMXABEkqllbkGI7F%2FK0KlxRdzVTS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbd16610-AMS
expires: Sat, 13 Jan 2024 17:00:22 GMT

GET
H3 200 navbar-divider.png
www.csplague.com/images/primus/blue/misc/ 136 B
633 B 156ms
155ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/navbar-divider.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c63b8f0cced84e5385bb101206373be8667e268a9a727b1b98dc5b3f6e3253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 136
last-modified: Tue, 17 Jan 2017 16:41:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLuDVH8ksaLKjzcaWh38zoF912JlNbfsZumwcav0rj%2BJWcfTE93r6m%2F2gCLB4zU0R%2Bl%2FoYKiNyi%2BzO5a2eksNDP9PpaQmF8Wo849W7qd9vXpiaCRWHrSJHxOz8oKzRm5tIP9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbd26610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H3 200 search-bg.png
www.csplague.com/images/primus/blue/misc/ 1 KB
2 KB 124ms
124ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/search-bg.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05db6119f43198291220051bd8a632b71b03aff0f40f1d0e2364dc1907b53580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 1471
last-modified: Tue, 17 Jan 2017 16:41:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpJY5EQCc%2B6YNAVEYKVEoIn4TslpO9VXKO%2FiEnPR%2BtTHQBC1j5GS7nVKizGxn3wV6VaLgB61y8oWAQkQyDQiP%2Fr6B%2FUKxkAwRMVwStZ85K9BX7uq%2BVd8zSJ7bI58mvu%2FgF5P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbd36610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H3 200 forumhead-bg.jpg
www.csplague.com/images/primus/blue/misc/ 1 KB
2 KB 123ms
123ms Image
image/jpeg 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/forumhead-bg.jpg
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c989d9963789ced0970bc498b2abf2d99656bc2f791c88f3d5388863a9af372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12521
alt-svc: h3=":443"; ma=86400
content-length: 1248
last-modified: Tue, 17 Jan 2017 16:40:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2Ff40mgjXHsCpB7LywTKiL33AUFKRwpaSgG%2FXYGwusBOsnuUPGDaBPIvhSp8X11b2pzgOcQGi5DxmSi1WA%2FocwvMAFtDhiBIcsGBYIRuA35x8gebavPXgw8WbeqyaIhBgQYt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbd76610-AMS
expires: Tue, 16 Jan 2024 19:45:06 GMT

GET
H3 200 rss_40b.png
www.csplague.com/images/primus/blue/misc/ 311 B
808 B 123ms
123ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/rss_40b.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554cf827e31a6090ff1ad207cbe5128f11a17cd0a43d793886dfd6304afd7470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12521
alt-svc: h3=":443"; ma=86400
content-length: 311
last-modified: Tue, 17 Jan 2017 16:41:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1QKMApcwMb%2FSNrol1Vagv%2FGqjQYrnsTrfHczIt0jq6AfVTxLWnguiITxXhWq%2FaTcvtMTJU0PJ5%2BcsDZ51ry2s3h8KaJH%2BYOOZLSsUPs7TLjSAESP54dwibSCSZf1s2QUkdE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6dfbda6610-AMS
expires: Tue, 16 Jan 2024 19:45:06 GMT

GET
H3 200 blockhead-bg.jpg
www.csplague.com/images/primus/blue/misc/ 1 KB
2 KB 119ms
119ms Image
image/jpeg 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/blockhead-bg.jpg
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be25b77a3b72b7bd26c0ed27e5cbc0bc8d26df240140ac2abcc961d4128670de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=forumbits.css,forumhome.css,options.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93748
alt-svc: h3=":443"; ma=86400
content-length: 1184
last-modified: Tue, 17 Jan 2017 16:40:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ADLO8lYXps7wZWMDqZjdpChB9oCAiiqUGvkK%2BmcmQvsf35abk7vyoejWfnbWEcpZ1HQOnXS8z57WgBcj40dB6sSbh8jqvECERTo4ZLUH9f7CdbVj1EsCVrPUqSkPnCe%2BWUM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6e0be16610-AMS
expires: Mon, 15 Jan 2024 21:11:19 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10243.WIPC42J95uJbakoR9hTpQmKzikxYBnTlMB4ucU8Jbt8pSrQUnA_kz4_EHPIx8bpN.i7QSbPmd_t2YBeqffCpKoQ2L5fs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10243.cdYNLKu3n2508INcZnRexRvXVpgladR87Fr6JWy86yzEfVAXcmLOw13dPt51o5m6U8e7hQlHTcfmGNToVdhEoFH_6DURxB9jSxGwXtBRH0_uD5nEf5JYlSoDc3LWDYuTCyP_HLFT6x...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.5OJDEl1ylapSxKOY_GYvS5Flj6v1LnzeP9B-GxVlc4CQEppdUMyWlvXQO25VwksXQDcUraLc9qKk0m4ey8l35bO685NajcRR4IwDh3HbPzLtS...

43 B
608 B

78ms
78ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.5OJDEl1ylapSxKOY_GYvS5Flj6v1LnzeP9B-GxVlc4CQEppdUMyWlvXQO25VwksXQDcUraLc9qKk0m4ey8l35bO685NajcRR4IwDh3HbPzLtS6RBp40VxH4qX-ytY21-_K0uTyaNnDUCPPvGmc6hFRevG8oW_rH-rqOZRsRTg2lU6o8jwNdPlsUG7PFpJosfP-ZVvMnTObpNdjkM_Fic3A%2C%2C.-GZbne5ib786_sUVLMB1l8tV7eA%2C

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10243.5OJDEl1ylapSxKOY_GYvS5Flj6v1LnzeP9B-GxVlc4CQEppdUMyWlvXQO25VwksXQDcUraLc9qKk0m4ey8l35bO685NajcRR4IwDh3HbPzLtS6RBp40VxH4qX-ytY21-_K0uTyaNnDUCPPvGmc6hFRevG8oW_rH-rqOZRsRTg2lU6o8jwNdPlsUG7PFpJosfP-ZVvMnTObpNdjkM_Fic3A%2C%2C.-GZbne5ib786_sUVLMB1l8tV7eA%2C
date: Tue, 09 Jan 2024 23:13:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
500 B 82ms
80ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 10 Jan 2024 00:13:47 GMT

GET
H3 200 notice-exclamation.png
www.csplague.com/images/primus/blue/misc/ 2 KB
2 KB 50ms
50ms Image
image/png 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/notice-exclamation.png
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a96e5d5e42ec7c19922f9708e820239e4476766a8a17d6cbd55c78836fe64ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=bbcode.css,editor.css,popupmenu.css,reset-fonts.css,vbulletin.css,vbulletin-chrome.css,vbulletin-formcontrols.css,
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281613
alt-svc: h3=":443"; ma=86400
content-length: 1617
last-modified: Tue, 17 Jan 2017 16:41:01 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrxlXYgYNCsikKlyAkZmh%2BxoQw0IX%2BaPnIjgsio9kyHQaB%2BZQCG4QkZ9%2B6hOLWK8uw8xKclTXZY0deL7BMkBdbziGdNKHfaqD7sCV3%2FqnqRUhBME202tf9M5SACZGJ5XtduX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6e8c6b6610-AMS
expires: Sat, 13 Jan 2024 17:00:13 GMT

GET
H3 200 bottom-bg.jpg
www.csplague.com/images/primus/blue/misc/ 6 KB
6 KB 55ms
55ms Image
image/jpeg 172.67.128.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csplague.com/images/primus/blue/misc/bottom-bg.jpg
Requested by: Host: www.csplague.com
URL: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b70346c091db42d80d5848097d837496efe57b6aa5d260c944adf3babcb74a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/css.php?styleid=29&langid=4&d=1639831976&td=ltr&sheet=additional.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281605
alt-svc: h3=":443"; ma=86400
content-length: 5666
last-modified: Tue, 17 Jan 2017 16:40:55 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BSB%2FNRyOmmRNvpNN7ekI%2B41Ei5GHMvr82V7FomQEsGQp9%2FfdskvZAhzSxWkqeflwLf13qc63j2BKSuNNWimS9xkRnLiLOtxtNL2VwBYfk1FiD2uscypU1OiwmJ9%2FCvQ2Z3x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 84305f6e8c6c6610-AMS
expires: Sat, 13 Jan 2024 17:00:22 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/ 35 B
194 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=460856673&utmhn=www.csplague.com&utmt=var&utmht=1704842027341&utmac=UA-89439016-3&utmcc=__utma%3D65603697.159196014.1704842027.1704842027.1704842027.1%3B%2B__utmz%3D65603697.1704842027.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B%2B__utmv%3D65603697.usergroup-1-Misafir%3B&utmjid=&utmu=oBAQAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 08:48:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51890
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=724189074&utmhn=www.csplague.com&utmcs=windows-1254&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-89439016-3&cid=159196014.1704842027&jid=2030565254&_v=5.7.2&z=724189074

35 B
337 B

144ms
48ms

Image
image/gif

2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-89439016-3&cid=159196014.1704842027&jid=2030565254&_v=5.7.2&z=724189074

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 09 Jan 2024 23:13:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 23:13:47 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-89439016-3&cid=159196014.1704842027&jid=2030565254&_v=5.7.2&z=724189074
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 401 KB
136 KB 98ms
97ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2837413570422147&plah=www.csplague.com&bust=31080235

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cae8e06570f9a0f8f6106b2d524a8c5e5113a994847b567871d874be3da64987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139117
x-xss-protection: 0
server: cafe
etag: 4956587036810535622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/ Frame E197 9 KB
4 KB 143ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14934
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:04:53 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 19:04:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/44798791/
Redirect Chain

https://mc.yandex.com/watch/44798791?wmode=7&page-url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnln...
https://mc.yandex.com/watch/44798791/1?wmode=7&page-url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xn...

446 B
538 B

78ms
78ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/44798791/1?wmode=7&page-url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1246340881979%3Ahid%3A253314059%3Az%3A60%3Ai%3A20240110001347%3Aet%3A1704842027%3Ac%3A1%3Arn%3A32802625%3Arqn%3A1%3Au%3A1704842027278165129%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C102%2C491%2C1%2C271%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704842025769%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704842028%3At%3AT%C3%BCrkiyenin%20Counter%20Strike%20Forumu&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b4cb7512a5b4c85d6ecc2ca77ad447491b6e24f012246bc4d9601e58b2d3457d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 23:13:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 09-Jan-2024 23:13:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.csplague.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Tue, 09-Jan-2024 23:13:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 23:13:47 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09-Jan-2024 23:13:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/44798791/1?wmode=7&page-url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Awindows-1254%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1246340881979%3Ahid%3A253314059%3Az%3A60%3Ai%3A20240110001347%3Aet%3A1704842027%3Ac%3A1%3Arn%3A32802625%3Arqn%3A1%3Au%3A1704842027278165129%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C102%2C491%2C1%2C271%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1704842025769%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1704842028%3At%3AT%C3%BCrkiyenin%20Counter%20Strike%20Forumu&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://www.csplague.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 09-Jan-2024 23:13:47 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F64 352 KB
84 KB 632ms
631ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&adk=312923266&adf=3408293436&lmt=1704842027&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027405&bpp=4&bdt=769&idt=208&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4227252849199&frm=20&pv=2&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=230

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2837413570422147&plah=www.csplague.com&bust=31080235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b9041aeb52a2e7ab150b8513da2a3d9676229a9abc3b20fa938124e1b134d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 86195
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 23:13:48 GMT
expires: Tue, 09 Jan 2024 23:13:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E2CD 129 KB
43 KB 412ms
412ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&h=280&slotname=9280141763&adk=545678459&adf=1249838384&pi=t.ma~as.9280141763&w=1200&fwrn=4&fwrnh=100&lmt=1704842027&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027409&bpp=1&bdt=773&idt=232&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4227252849199&frm=20&pv=1&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbaae16862656454d80a5bbbb706aea5a1de56feca53967f11c20be80744b344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44069
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 23:13:48 GMT
expires: Tue, 09 Jan 2024 23:13:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 914A 129 KB
43 KB 357ms
357ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&h=280&slotname=1317891267&adk=4049665865&adf=477089168&pi=t.ma~as.1317891267&w=1200&fwrn=4&fwrnh=100&lmt=1704842027&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027410&bpp=1&bdt=775&idt=241&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4227252849199&frm=20&pv=1&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=244

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6054a1a208fe6eb3f20fbbcd6e6d31c42bd0b4479be20c19bce3ccc7c6f51f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44107
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 23:13:47 GMT
expires: Tue, 09 Jan 2024 23:13:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 914A 4 KB
1 KB 134ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&h=280&slotname=1317891267&adk=4049665865&adf=477089168&pi=t.ma~as.1317891267&w=1200&fwrn=4&fwrnh=100&lmt=1704842027&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027410&bpp=1&bdt=775&idt=241&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4227252849199&frm=20&pv=1&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 22:45:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 914A 2 KB
903 B 241ms
144ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 09:02:25 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/11962270293989656775/ Frame 914A 56 KB
56 KB 179ms
84ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11962270293989656775/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8888dfd71fcd7c091a3b458e2c449c36cbd311e1f783aebfb5ab01fa6c29378b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 14:55:11 GMT
date: Tue, 09 Jan 2024 14:55:11 GMT
x-content-type-options: nosniff
age: 29917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57498
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:36:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6413472338702876933/ Frame 914A 1 KB
2 KB 178ms
83ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6413472338702876933/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7840c15e068442e3080a0361242a14486ea10f5152baa9a5fdc0be0db9ce3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 15:42:00 GMT
date: Tue, 09 Jan 2024 15:42:00 GMT
x-content-type-options: nosniff
age: 27108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1343
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 07:47:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 914A 23 KB
9 KB 233ms
145ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 08:50:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 914A 3 KB
1 KB 231ms
143ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 914A 20 KB
9 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 914A 205 KB
65 KB 161ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 914A 37 KB
16 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E2CD 4 KB
728 B 89ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2837413570422147&output=html&h=280&slotname=9280141763&adk=545678459&adf=1249838384&pi=t.ma~as.9280141763&w=1200&fwrn=4&fwrnh=100&lmt=1704842027&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.csplague.com%2Fforum.php%3Fs%3D2b8da5ab27718bd5775888fc7ca84de8&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704842027409&bpp=1&bdt=773&idt=232&shv=r20240108&mjsv=m202401030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4227252849199&frm=20&pv=1&ga_vid=159196014.1704842027&ga_sid=1704842027&ga_hid=567063201&ga_fc=1&ga_wpids=UA-89439016-3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C31079979%2C31080223%2C31080259%2C31080265%2C44809003%2C31080235%2C44807406%2C95320378%2C95320889%2C95321627&oid=2&pvsid=3610776645049472&tmod=1411073478&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 22:26:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15702360409396199743/ Frame E2CD 33 KB
33 KB 174ms
112ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15702360409396199743/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d560f400b652452ce816d912766f9b7bd52f9c24a8d30eaabcc907b6a1cddd13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 14:55:04 GMT
date: Tue, 09 Jan 2024 14:55:04 GMT
x-content-type-options: nosniff
age: 29924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33687
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:36:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E2CD 2 KB
856 B 209ms
149ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 09:02:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame E2CD 23 KB
9 KB 106ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 08:50:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E2CD 3 KB
1 KB 135ms
79ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame E2CD 20 KB
8 KB 99ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2CD 205 KB
65 KB 198ms
117ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame E2CD 37 KB
15 KB 104ms
49ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6413472338702876933/ Frame E2CD 1 KB
1 KB 128ms
84ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6413472338702876933/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7840c15e068442e3080a0361242a14486ea10f5152baa9a5fdc0be0db9ce3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 15:42:00 GMT
date: Tue, 09 Jan 2024 15:42:00 GMT
x-content-type-options: nosniff
age: 27108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1343
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 07:47:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame E2CD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e046e38d0c1a85864724c894073420f4ec14404528ec61dba81343321a6f34bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 914A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03959c985a177161968328e7e73170cfd81d6b1291ae13ae5c2ee92f227088ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 914A 16 KB
16 KB 136ms
49ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 106543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 914A 15 KB
16 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options: nosniff
age: 51980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:47:28 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/ 161 KB
55 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401030101/reactive_library_fy2021.js?bust=31080235

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0c35998d2c6b2c3fbfa9fb7f8c483b9556b763b66c1a10afb9807dc78d23a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56077
x-xss-protection: 0
server: cafe
etag: 11566320268353008304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E2CD 16 KB
16 KB 82ms
82ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 106543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E2CD 15 KB
15 KB 96ms
96ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options: nosniff
age: 51980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:47:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 914A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9VPmK9OdZaP1Kcbg1PIP-ayAaKDb5ItqpIqh47ARrgIQASCkzoUkYJWCgICwB6AB3M6WigPIAQmpAuQiJpgBWLI-qAMByAPLBKoEiAJP0GUT8Eb5VT7NSSg8NG55geBjw4UEzcx2cRcslG6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053266038831068039%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22...

0
0

156ms
76ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227053266038831068039%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22826648412%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215646441209455739889%22}&andc=true

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7053266038831068039","debug_reporting":true,"destination":"https://bikeleasing.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["826648412"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"15646441209455739889"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Jan 2024 23:13:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 Jan 2024 23:13:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7053266038831068039","debug_reporting":true,"destination":"https://bikeleasing.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["826648412"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"15646441209455739889"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame C134 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/ Frame BED6 9 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:40:37 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 19:40:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/ Frame 6CDA 9 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:40:37 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 19:40:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E2CD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrDZUK9OdZcC9KYvh1PIPyayskA-g2-SLaqSKoeOwEa4CEAEgpM6FJGCVgoCAsAegAdzOlooDyAEJqQLkIiaYAViyPqgDAcgDywSqBIgCT9AcfWugZVvzS_ibY0qzV-WAsbMiGv18-U8uiWb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226856971360816133934%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22...

0
0

154ms
75ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226856971360816133934%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22826648412%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216304811685979011121%22}&andc=true

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6856971360816133934","debug_reporting":true,"destination":"https://bikeleasing.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["826648412"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"16304811685979011121"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Jan 2024 23:13:48 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 Jan 2024 23:13:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6856971360816133934","debug_reporting":true,"destination":"https://bikeleasing.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["826648412"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"16304811685979011121"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3757 50 KB
19 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 177ms
74ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 23:13:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame BED6 4 KB
744 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 23:08:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BED6 205 B
519 B 40ms
38ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:57:59 GMT
x-content-type-options: nosniff
age: 51349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 08:57:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BED6 604 B
695 B 40ms
39ms Image
image/png 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:28 GMT
x-content-type-options: nosniff
age: 51920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 08:48:28 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame BED6 16 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 20:22:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 20:22:58 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame BED6 22 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 20:22:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 20:22:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6CDA 4 KB
728 B 47ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 22:09:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6CDA 2 KB
856 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 09:02:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 6CDA 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 08:50:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6CDA 3 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6CDA 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CDA 205 KB
65 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 6CDA 37 KB
15 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 157ms
74ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 23:13:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/15702360409396199743/ Frame 6CDA 45 KB
45 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15702360409396199743/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08450e3531b9c0a273c94d236ce77a5a765b46547cb1e1b6e228e00ddc19847f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 14:55:02 GMT
date: Tue, 09 Jan 2024 14:55:02 GMT
x-content-type-options: nosniff
age: 29926
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45785
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:36:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6413472338702876933/ Frame 6CDA 1 KB
1 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6413472338702876933/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7840c15e068442e3080a0361242a14486ea10f5152baa9a5fdc0be0db9ce3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 15:42:00 GMT
date: Tue, 09 Jan 2024 15:42:00 GMT
x-content-type-options: nosniff
age: 27108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1343
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 07:47:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 css
fonts.googleapis.com/ Frame 1736 11 KB
1 KB 47ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 23:10:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 1736 2 KB
822 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 09:02:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 1736 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 08:50:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C345 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 22:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 1736 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 1736 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18055
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:12:53 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1736 205 KB
65 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 23:13:48 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 1736 37 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 09:13:33 GMT

GET
DATA 200
OK truncated
/ Frame 6CDA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c076f0de724e3f51172e6f54a5bce2d31af3b158922926700ff73f1a15e36e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6CDA 15 KB
16 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 16:39:21 GMT
x-content-type-options: nosniff
age: 369267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6CDA 15 KB
15 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options: nosniff
age: 51980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:47:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C345
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

77ms
76ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 23:13:49 GMT
expires: Tue, 09 Jan 2024 23:13:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 23:13:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6CDA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbhv5K9OdZbuuLaHnn88P89uy2Ayg2-SLaqSKoeOwEa4CEAEgpM6FJGCVgoCAsAegAdzOlooDyAEJqQLkIiaYAViyPqgDAcgDywSqBIgCT9BpWX10j6UQ6vlvIIVgcCmDMygrpoN-ojkFOLR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226043422347108363232%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22...

0
0

80ms
79ms

Fetch
text/css

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226043422347108363232%22,%22debug_reporting%22:true,%22destination%22:%22https://bikeleasing.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22826648412%22],%2222%22:[%22true%22],%224%22:[%2201-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223789797180447913105%22}&andc=true

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6043422347108363232","debug_reporting":true,"destination":"https://bikeleasing.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["826648412"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"3789797180447913105"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Jan 2024 23:13:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 09 Jan 2024 23:13:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6043422347108363232","debug_reporting":true,"destination":"https://bikeleasing.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["826648412"],"22":["true"],"4":["01-09"],"6":["true"]},"priority":"500","source_event_id":"3789797180447913105"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D2C 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
74ms Preflight
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 23:13:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 171ms
89ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240108&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec849651e046657ea25b86b176ed889ad483aeea21d859c19207deb33cfbd407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12242
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame D490 50 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: www.csplague.com
URL: https://www.csplague.com/forum.php?s=2b8da5ab27718bd5775888fc7ca84de8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Jan 2024 23:13:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 111A 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:06:41 GMT
expires: Wed, 08 Jan 2025 19:06:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE5C 829 B
996 B 50ms
49ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45124d8cfbafc56f626d4034fc7af4921867c35af021c6145f8d080a5ff1099b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SpA1tuvnjUtEUpcNyWChwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.csplague.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SpA1tuvnjUtEUpcNyWChwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 23:13:49 GMT
expires: Tue, 09 Jan 2024 23:13:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 111A 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 16:20:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 16:20:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE5C 0
0 73ms
73ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240108&jk=3610776645049472&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 111A 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pdt2sg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:13:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E2CD 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssj8Oy9p1HFOd71iLofhg-SpqNUuUNya3m5PpLDFPSGmIxY5iUSVsOW5PIaZ0EtX8vHCdilbIOdY1sD25MjmkVmtHnLPlUuqin-Lt0KoNd8MP7sF0U53UrAlmxiLREPXZZ9GtZBLjEHYhMHqRkWd1TavX_NsxVmA6tEHfBPiSbcmi_YM4p3JyzbVKL0pc5YxKmQsMUTU89QxgcoglEsCUui-R_X_308uCBghE98Ud0vhqLCfrGOftahkqQielQhljAxMWawCGaUzoaXdDVxqP3If-whZfNhC3EKQEd59EbIjDR3KMcyNd0Xbbar13qBrWHaIzpMF8A3Iv_fmSoHdDtDZsiT1ZaCaAct2AbM_lRaWQO3ecCppt-SXakbwqbsyX6kHVD7pzw7kJS-ZhEUpMRDW06qLhhL3P6nWMcfM16_DoFtP7Ci8yAmVUeggq2xH5hxv_gOk7djEoAR4wcC-yPnUSPf5kCiQZin_Yq5CHlR5M6ier23zvf28z-3xYkuNjHC0W1zbHB0c0YbxF9m3VYvxJBiugqfUCDvRQfFMu7RXATbGcFb1zAAjWRNRUPxzdeK0AP1ASmdQKKDQksuNkN-S0U1RoeEGeEqxHDobJ-EsZ_H6C16yhtpl9TOCCZxnQuVD74G_XKbk7S8JeD3Qh0ANz_28MRb6XK4Ou2SuCAdx-63aAsdUnTX9BGqislngCPwlyMKPTt3KL4hbaaGRGP36HwotlH8Nma_YDqGJy5IlVe4ZiwbrNrRQDVkcSa75J44mDIiYvL6BLwdNCrYYdEsZ5zYKD5axazMFK-fjtxrme39n_GzSAFqK3cRTHjvAk9vxW2k-oGcWE5W0ptu_DSjEdlHM9OHzyFfm15Spi_YiY6EerZr0yHw_ttV1S477Ux0bzKbf9mZpWwfPtNf8XHB411letQTaRO9Y1yLnOxbMTv-5ch4bBf59wLqtDdkh0thSCuFDZNALEdnvZK3NSuPJADT2RKm3NlqIcasmf7ANmX3YO6n0ii2GWG7j3wpSn3tCytciYcnAnnQEGS-dLb12lIggK8I5QQ62bl4YH8dTEuInXt-g0MxOkiGu6sSPQvnKHfTLf2UatNgXLaRrjJTu0cPqytsCsYeSMO1wxgtr7AcuWftke7X_DpFW_c85dEh15YbFBEYqw0wkxPQWfFWWwyIsL6NxpeONRbanel0R0jFR5leEI4QFLB6Y7ZRH0--mee8cOPlgewhBLy2CgNe2UMumbHl24vHvTkk_77M7Xi7M74Jm9R88-rPrgttik66zg3_Eh5gxk2B3aKZrtTC0kWy6Hg&sai=AMfl-YT_E3NoIkZei9i6uMG5esX9Ra3kwF_XzXp7tSTRTRo_v0BPe8KX-29WfM_xxlkDq87rjnh24McLSRTmJwFW3TlfITyfYiF5R6n0NTopfWo9w8vxzItyVEF6Psx_1d_ug-6mJ8E9TvX3ttWRWZNE8xp-61ektKR-RFryUw&sig=Cg0ArKJSzCOA_7shWNV3EAE&cid=CAQSTgAvHhf_IDGO40A37R9JOWyYuwm0WgaSQ0kJOUmSvTrZWnhgMzau53ektE209mVohpOdLdCehZvFpOKo_pSLRD6NjN23nW7RUcxJ-yvFbxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=545678459&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704842027647&rpt=953&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 23:13:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CDA 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf-j0bw4aFO70lZnpadg_Ln6DXPSEbt4q9-c4828ta3gtHsrux2hd-l7fiWeuwb1BWmc365dQBEuu7wRUiBblDMnygZZlZPRSnvE2SicvegNzGwoOX7MBnmy390FBDjb-gsQpy0XWHN_Eofqo0WFioZLoZZBbQHZEXDo8NpjNn1ulMS5EKvWrO7RdbErkmZhwWYWlZrTqC9b2Ih34kWnmrX-tihkABfjuhcpReJa1D_XtyKfqBSMAT2knVkxLibi8uDDswr0lwBiNx0WR0cls1fkTDCn_4I08geoOVb7UYQ9chr9Hx5qzzZvS_4--4iXXN5yFu2MQkb7RPJDGvWB4Ja_ZJqDL4bqlThc1kHWUFSIh78CfpbgFkukHhIT7nuyHS02KyJOLvAsZfvEIEdFvYCgJlSZsianI_J3IH4r6K03Iiif8Pbek72wkuwDSqOhTaHYs6S4PL2q5ctifossYHI06NtmIBDPPsBHSbVCf5P5HxHfmZuUvSRgLlwEfab_Ywe09QQJIrL7jL4wjiM8BHAElZY7Qdj3GjpgZgn5uR4ilUkpOVvhln94CAK1vsAXx0ZergyrvByNlvOih-47QmSxsp_49ewxb5OwsAu64x953maTQpis62Nkq31ic3aWpwi4fXTFo_IO7MfaZg3LoDZha5H7UN44aTzh1pd7RYU-1tTPUXBoMhoXaTTCW_bIHgucWy8TXbZC-9wFgJZfvTEu6Pg6URMFy6TQPFK2-WUOqxIMVcLhOUAqTCvFd2nIKGICO8CAkuhr2ExxSRUjk1G6vTZZ2a0zqAEiSid4BVE7LFeYUZWnOUKPRck5WVzYJMYVyjP7DD-m7GIOJ8KFsLlrB8kmrjlIxZO-NmnmIDIYwdqcZvYUdM9wfjrrFLQcCgXN0MIfTbwACJFiMjxmkpFkTrcpJ1w4X0988mgOkOanqp1c-nSCS-zN5QUlhIVxfDzAY7OdFCuMFgZx1l_Fvcwlz526HVem_pzuaQNag1Pzki86qrqKYx-893wJXdasWkJe7IYuoLktG7dh8RGsVRhPhSMHI5sL2n4X2FbS32k_LunVKF_yvF5cUzqCz7KnGeP7_eqoaZuBatueiqZZdFF3Ja1UhfMZs5FrAyKhXmcRxyRf_2Im623Vzh96WvtUkgrEwxTLmyUWtortiPBzQ7fdwakBc0Jfdk9ysU71BZNsvpPPopo1bwDGL-zxLYZEmLT9TMUnPk1hoKkRYKv-nwQiwHEWybeMmsA9btI4BzonVYHD1pltoIZY_vtrHaRzH1KU4nn3DL0rZXY4jfu46Vc1kFtqg&sai=AMfl-YQHCyaYrtRhWsKFerPMlGWpz1B52cZedIb-YefahhJIf1069Wz04VcJ0x3TdP19WEy2DctxykcDagH7wZCbIMxCsbZ88hOBnw08WOVCwX3WQ_GDiiXHLwXx2HzIMoNAUcKgPtEqYBiwb3YTDuYi-Fl5SDozVn4xuLz7zw&sig=Cg0ArKJSzIjwNOidoedmEAE&cid=CAQSTgAvHhf_mt6qRgJAzjzzrZV-EviXJdOagr4gU6oRurhR-f8x_jb6-sZiVvkPH3ui1Z1X8QgSBDZEc4mhdTM0JYYmDslFixsfqDWP_izj3BgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=89,706,1002,1085,1085&tos=89,617,296,83,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=312923261&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704842028579&rpt=294&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 23:13:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240108&jk=3610776645049472&bg=!FhWlFVrNAAaumcC-jpk7ADQBe5WfOB1gkkHK5zufLnCqOhFOgROiTn4fdTgU81qS5bKBv2gTns_OdizQSOH4RFRlc1RjAgAAAD9SAAAAC2gBBwoAkaEpX1BqafqRpcrJujV5XNtxOlGZOeAbzCd8yahaQT9H9zf1ul8Ltuat_rU0HRKiWtsxPxneJjwNLTabe7SGKfa5eZl7idpPtmFDmtFyZQR-DzID0HDyRXZRNPOt3Bj8wwtDyvlo5qNDu0QKIBThQynrMWjMPDLpNG_ueUAEHGzOF_n2Mr2yhnt3PvQWkqDLEI-ZArV2lMMjQ9a8S_F8INiZVBYccm0eHffQDXOQMpbyffG69W0DRiX6bpeKVDxg6AhRPBm3PLhsfy24vpt-1Lr5SO9K1mNfUuXtRiP-rJnzltLaQ4AI2l_pgzbfT8ILOnECfjanc6xnfQmDQ3Fam_TUCwCuSfdZ9oAJA1GBt_K0LCmf3FjOIMOr1cFzhjB2fRvzjFgAjBVLA8l6DTHEG4Zr6BoMm1-ay5HnTO9VJERmWgf0TRKiER8hGthXBDKyKFa9kuaLJTj5x1ogfB0zRS1toOtmjcf0LjnE7mfiEL_QMSbUhRpj0zuUXjyjA9hKJYzTmGphb1M9dHDNmQ93Py8FAaQds1-xsyo2xH9ywfsoOGdF8gg_Te5-i1RtQ9LjQAEm83ttaro3imyKUswKmnM4ngp_eZ7y6vyGHn4Lr7Ow0z7dBr4Bv5wBeslJEasGJNePPn79ahdatHfgU0XI1p3CTIHN7z-YQrTQgl1iKHtNHwDCMdOAYL0Mmt6_1xZEluRQVRWtSdmnJ1vtUAhTCcfmtwrmq3pwWbaS9TLz_knuT_pPnpUdJWXx4JR1nCscotOU48M7T7ksQj7cvN9zvIZ8Ixm9EdNF1TVmjGqrz4jrOj4cA0_sdoMZC_DYrMarW4XLaiwhOiMm3miGp2kCArFOHqLIKzjDFRIJNHEbplZPVWoOIWoy2bFQC6WzS4Re4gUm2j6PfNZoyPM7IYKaJQRMshL-ailiWP9FLryNJw7YrG-LuqQZt3eUJMBXVuc7SrdVF6S4Y4zxNobv66dCMgRDqYAMW2qkCQWRb9ylf9q1bytswzU5uNfrs6mAcInKhv8s_9qCU4rTwygVgzGeWEEPXusDVcsXmuXmo-ms4FPL8D4Fw_D4c-4KlCNPjYgpmDYkMvRwN2ls_DzFR0vrFla1jQgdF5gTyGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csplague.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.csplague.com/	1969-12-31 23:59:59	Name: bb_sessionhash Value: 2b8da5ab27718bd5775888fc7ca84de8
.csplague.com/	1970-01-21 02:19:38	Name: bb_lastvisit Value: 1704842025
.csplague.com/	1970-01-21 02:19:38	Name: bb_lastactivity Value: 0
.csplague.com/	1970-01-21 02:19:38	Name: _ym_uid Value: 1704842027278165129
.csplague.com/	1970-01-21 02:19:38	Name: _ym_d Value: 1704842027
.yandex.com/	1970-01-21 03:10:02	Name: i Value: p9twzbXzbiebBwMyuCp9aQ7RDhW7UEjmmK3gyuAHE79R9pqCwzsEBvEaEPgBNtUYxOQiR9DvrAWXIthsRzJrrDqv9M0=
.yandex.com/	1970-01-21 02:19:38	Name: yandexuid Value: 1213048221704842027
.mc.yandex.com/	1970-01-20 17:34:02	Name: sync_cookie_csrf Value: 1642989097fake
.csplague.com/	1970-01-21 03:10:02	Name: __utma Value: 65603697.159196014.1704842027.1704842027.1704842027.1
.csplague.com/	1969-12-31 23:59:59	Name: __utmc Value: 65603697
.csplague.com/	1970-01-20 21:56:50	Name: __utmz Value: 65603697.1704842027.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.csplague.com/	1970-01-21 03:10:02	Name: __utmv Value: 65603697.usergroup-1-Misafir
.csplague.com/	1970-01-20 17:34:02	Name: __utmt Value: 1
.csplague.com/	1970-01-20 17:34:03	Name: __utmb Value: 65603697.2.10.1704842027
.csplague.com/	1970-01-20 17:35:14	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:34:02	Name: sync_cookie_csrf Value: 2810245760fake
.mc.yandex.com/	1970-01-20 17:35:28	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 03:10:02	Name: yandexuid Value: 1213048221704842027
.yandex.ru/	1970-01-21 03:10:02	Name: yuidss Value: 1213048221704842027
.yandex.ru/	1970-01-21 03:10:02	Name: i Value: p9twzbXzbiebBwMyuCp9aQ7RDhW7UEjmmK3gyuAHE79R9pqCwzsEBvEaEPgBNtUYxOQiR9DvrAWXIthsRzJrrDqv9M0=
.yandex.ru/	1970-01-21 03:10:02	Name: yp Value: 1704928427.yu.61027491704842027
.yandex.ru/	1970-01-21 02:19:38	Name: ymex Value: 1707434027.oyu.61027491704842027
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1163237671704842027
.yandex.com/	1970-01-21 02:19:38	Name: yuidss Value: 1213048221704842027
.yandex.com/	1970-01-21 02:19:38	Name: ymex Value: 1736378027.yrts.1704842027
.yandex.com/	1970-01-21 02:19:38	Name: bh Value: KgI/MA==
.csplague.com/	1970-01-21 02:55:38	Name: __gads Value: ID=cafa5fce93e8f675:T=1704842027:RT=1704842027:S=ALNI_MY9HK13-xFTk1Bg-TiVv0iV1qsSSw
.csplague.com/	1970-01-21 02:55:38	Name: __gpi Value: UID=00000d3ef89a8831:T=1704842027:RT=1704842027:S=ALNI_Mbhl6TdWvA6cUi0-lnJZd_E256YRA
.doubleclick.net/	1970-01-21 02:55:38	Name: IDE Value: AHWqTUlfAgRdqHjVR7nEpEf6pIgjIsGdgOaDT36gARG7YaUwe09IiYaiGefHwvWHfxI
.googleadservices.com/	1970-01-20 19:43:38	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:34:05	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.csplague.com/https://ajax.googleapis.com/ajax/libs/yui/2.9.0/build/yuiloader-dom-event/yuiloader-dom-event.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
informer.yandex.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.csplague.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.21.0.200
142.250.185.98
172.67.128.64
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0b::9d
2a02:6b8::1:119
03959c985a177161968328e7e73170cfd81d6b1291ae13ae5c2ee92f227088ae
05db6119f43198291220051bd8a632b71b03aff0f40f1d0e2364dc1907b53580
0766a3204b8ddb99bf3fe95fca5ea426f5c8fbb19d1cc2ebdcaa29f4702919f0
08450e3531b9c0a273c94d236ce77a5a765b46547cb1e1b6e228e00ddc19847f
0a0563c39d258abf315bcc33bd76f84b40e8e5bb52c2f144348d9bd94587c85d
0a96e5d5e42ec7c19922f9708e820239e4476766a8a17d6cbd55c78836fe64ec
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1583215b5a5ec6136ed35e4a71e76ecf8cedc7d88569644d1871ec6355cdd0af
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf0b64f8cc9169d0158b5432e8e99db70a5c011bcd331015f3d07742eeaa641
21050d1e2217b2e12905dfd29b1e064a8615eec49e5c3c78f28d5ef00214bca6
2307457012eaaf3dc044aef28eaf2faa200d2c052eecfb1f147bd1dd8b5b5faf
232cc562ae9d3ab2b08128f352e616a66da0c79febaf1194779b4a2525437f8e
233a5d16bee5a64bf3bc19abe3cc812a1e0619435f01c163f628773a469ff719
270b5e8ce16893ddd2004ed6360b62b675136c6b9a667adc286a27df0a326b83
2c076f0de724e3f51172e6f54a5bce2d31af3b158922926700ff73f1a15e36e7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e68e651d86a3a60741e5d299fdf0923e31bd052fd0a8f3bbe924e92c29d3b17
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d6acda3942d761487bd68686baacf467ac20bea549564a0f13e57b99b702a3
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d2dc665f328e0c828935290078bcb2d3a0df9c5c93b30e2242c78221513e7e7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
45124d8cfbafc56f626d4034fc7af4921867c35af021c6145f8d080a5ff1099b
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467db4fa5df25fbb4b47a75961f5ff7474166c3ec35f78b86b8217e51546d61a
474e6699b0b4012e842f29e3c97746b92b77a327106d7dd6ff432f424f2a7172
476a49b5d8f5c7e06bedd4c39154c10a51d8516a8258126efb6c0dc4a5390d4f
494018c616ebbdd5473882a029aab7c72e0d1b76e353314cb68037b7c1472e4b
4ad6278d6108066c2a49c520488a487c94d41efefd1a5dc52efbf132c3292845
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554cf827e31a6090ff1ad207cbe5128f11a17cd0a43d793886dfd6304afd7470
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e1377460306289cbb87404c8c391220e05f39a434d7026e728384321cba1388
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63af4ce8f8bcebe69cb3f81f4c253418c326ceb06496b2f7059642204df29875
6c989d9963789ced0970bc498b2abf2d99656bc2f791c88f3d5388863a9af372
6e4ed9f4271f22c3bb4405155731f16c131e71d4c752060017496c0bbd2d5c85
7821af474aa928dbf032a1989000c9ded519a5cb2fd1e095d115627c212d7149
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
80497890550b179159751751c29751798cd794d4740d50a60dea16a8b222070e
8281f11037bd7cbf83bb7de917fb92f7d61710d944c29e10fb89b83eca40bde2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ebcdc2edd25617bf3d095c11aa12809e582afd6674b6b86b383b4d18bd37e3
85fc6dd3edb453cd807413b7f2a1bbe9b9c1a5b4128d308cde837bdd8545a6fb
8888dfd71fcd7c091a3b458e2c449c36cbd311e1f783aebfb5ab01fa6c29378b
8b9041aeb52a2e7ab150b8513da2a3d9676229a9abc3b20fa938124e1b134d14
90403799c6188fbbba6073533195f94ddf48fc9e63ad735e58742177fa00879b
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
98308bc60e12771ba766f0d0be0a196a6e8cd28d61028f4d6d488a5326ba4229
a4c01cac7ba6ce8d9908681f0c5896c123944426a45bf436ee670ce2e7e77b19
a4d101023d8ad3824d845885dd4d6f995c2502f7dc407920d82fc292aa397afd
a6054a1a208fe6eb3f20fbbcd6e6d31c42bd0b4479be20c19bce3ccc7c6f51f1
ac9c76742a0c13a8c3f028818bbb637635efacf78bcc2f1a642ffd01a7c760e4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0c35998d2c6b2c3fbfa9fb7f8c483b9556b763b66c1a10afb9807dc78d23a40
b4cb7512a5b4c85d6ecc2ca77ad447491b6e24f012246bc4d9601e58b2d3457d
b6226548fe52164f899f9c3a0799b67bd27f58864cf039561f3b8a968ab46fdb
b70346c091db42d80d5848097d837496efe57b6aa5d260c944adf3babcb74a52
bcc29375c4f0bff0ab91c83998924394345dd5a85dd4611c3c2504ea112caa0f
bd2eee6db5b0cefc775a78fed85b40b9ffce811ec56d34e239172228a2bcf696
be25b77a3b72b7bd26c0ed27e5cbc0bc8d26df240140ac2abcc961d4128670de
c1287adfc1c6761dcb4221e342113981bfcf6067e0f65adbf417674f5e83da4d
c6299da15b98b2e26e1eaaeb7746a54c9d5d3211f456b27c4245e9b97ff6069a
c6c63b8f0cced84e5385bb101206373be8667e268a9a727b1b98dc5b3f6e3253
c7840c15e068442e3080a0361242a14486ea10f5152baa9a5fdc0be0db9ce3a5
cae8e06570f9a0f8f6106b2d524a8c5e5113a994847b567871d874be3da64987
cdcaa771e7265ff69e374f9fef053fd9ae91567074983aa1a61bf74a3001490b
d068637fee540aa04315632748882690c92d70fe4412966ba3435100d550cad1
d560f400b652452ce816d912766f9b7bd52f9c24a8d30eaabcc907b6a1cddd13
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
dbaae16862656454d80a5bbbb706aea5a1de56feca53967f11c20be80744b344
de0528711561f43cc2d8e841a54f51ff6813fe1daacafe8ec908f040266f128f
df88af128f4db3ea8ef75266da16482eebd63505a7ef4cce72b5d4342d64396e
df8dd5d913aa3ef7db2b23730fb7535aad1e9e92a20e66114de8bec0ac9739e3
e046e38d0c1a85864724c894073420f4ec14404528ec61dba81343321a6f34bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5074ce08145a4fd062816be25171706ceeca58a8f2a4e7ced6935ad620d4121
e77e8e8972fd543094f73cd90f4a7409520dbf1c8e0f228c22813ed6f5b8b34b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ec849651e046657ea25b86b176ed889ad483aeea21d859c19207deb33cfbd407
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f550b71b9d9ec77b8fd2f1d94c74309d9cd778a6c7dafd5f1f47a874fe3d6b76
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f8d4ba93d58e93dbbd63d35fc2957faf6d64fb14615cd0b08a6ab850321a8c4f
fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

www.csplague.com Open in urlscan Pro 172.67.128.64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

133 Requests

95 %HTTPS

80 %IPv6

11 Domains

16 Subdomains

15 IPs

5 Countries

1521 kBTransfer

3898 kBSize

31 Cookies

10 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.csplague.com Open in urlscan Pro
172.67.128.64 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

95 %
HTTPS

80 %
IPv6

11
Domains

16
Subdomains

15
IPs

5
Countries

1521 kB
Transfer

3898 kB
Size

31
Cookies

133 HTTP transactions
3 data transactions