www.csgowinner.com Open in urlscan Pro
81.169.142.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://csgowinner.com/
Effective URL:
https://www.csgowinner.com/
Submission Tags: phishingrod
Submission: On January 11 via api (January 11th 2024, 12:30:55 pm UTC) from DE — Scanned from DE

Summary HTTP 216 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 20 domains to perform 216 HTTP transactions. The main IP is 81.169.142.103, located in Lalendorf, Germany and belongs to STRATO STRATO AG, DE. The main domain is www.csgowinner.com.
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.

This is the only time www.csgowinner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 58	81.169.142.103 81.169.142.103	6724 (STRATO ST...) (STRATO STRATO AG)
1	95.101.54.195 95.101.54.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
29	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4 17	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
4 11	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
17	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	18.197.162.124 18.197.162.124	16509 (AMAZON-02) (AMAZON-02)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
2 2	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
216	23

58 81.169.142.103 (Lalendorf, Germany) 1 redirects

ASN6724 (STRATO STRATO AG, DE)
PTR: h2887616.stratoserver.net

csgowinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.csgowinner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.54.195 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-195.deploy.static.akamaitechnologies.com

steamcommunity-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.116 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.162.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-162-124.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.84 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185 ade.googlesyndication.com — Cisco Umbrella Rank: 360	810 KB
58	csgowinner.com 1 redirects csgowinner.com www.csgowinner.com	1 MB
30	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677	252 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	5 MB
16	gstatic.com www.gstatic.com fonts.gstatic.com	214 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	389 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	5 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 1001	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	2 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6	817 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 2019	451 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 7787	653 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1620	2 KB
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 943	363 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1428	714 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	82 KB
1	akamaihd.net steamcommunity-a.akamaihd.net — Cisco Umbrella Rank: 8614	2 KB
216	20

	Domain	Requested by
57	www.csgowinner.com	www.csgowinner.com
43	tpc.googlesyndication.com	googleads.g.doubleclick.net www.csgowinner.com www.gstatic.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
29	pagead2.googlesyndication.com	www.csgowinner.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
17	s0.2mdn.net	tpc.googlesyndication.com www.csgowinner.com s0.2mdn.net
17	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com www.csgowinner.com googleads.g.doubleclick.net
12	www.gstatic.com	googleads.g.doubleclick.net www.csgowinner.com
11	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	www.googleadservices.com	www.csgowinner.com
6	www.googletagservices.com	googleads.g.doubleclick.net www.csgowinner.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	sync.teads.tv	1 redirects
2	d5p.de17a.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	www.csgowinner.com
2	www.google-analytics.com	www.csgowinner.com www.google-analytics.com
1	ade.googlesyndication.com
1	dis.criteo.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	steamcommunity-a.akamaihd.net	www.csgowinner.com
1	csgowinner.com	1 redirects
216	27

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.facebook.com
www.twitter.com
steamcommunity.com

Subject Issuer	Validity	Valid
csgowinner.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://www.csgowinner.com/
Frame ID: 5FD8E0F717E4226143764E88F190A092
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: CE44D0C30D8268B472D787170126851A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&slotname=9683034901&adk=2356769020&adf=536986986&pi=t.ma~as.9683034901&w=1000&fwrn=4&fwrnh=100&lmt=1704976250&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976250374&bpp=2&bdt=160&idt=174&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3895014691616&frm=20&pv=2&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: 47023C4167C78DE537347EC2EF3D0718
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&adk=1812271804&adf=3025194257&lmt=1704976250&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976250490&bpp=2&bdt=276&idt=93&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&nras=1&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=104
Frame ID: 27FC3AD0BF68E21D036646834FA8CE6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1704976251&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976251991&bpp=1&bdt=1776&idt=-M&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe104226049cfe71%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw&gpic=UID%3D00000d3f715d7af0%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw&prev_fmts=1000x280%2C0x0&nras=2&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&psts=AOrYGsn3JqZ8_a_i7ZUt9PQ41sD1BwlJmQhfQv5rFpcwwD3LoDQKf0Ta2RN-Ev5qP5_1VHWHLaArZGSswvI9Iijfv1CiXg&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 52D9487A9050FE8EF69E659575EA0326
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1704976251&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976251991&bpp=1&bdt=1776&idt=0&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe104226049cfe71%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw&gpic=UID%3D00000d3f715d7af0%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&psts=AOrYGsn3JqZ8_a_i7ZUt9PQ41sD1BwlJmQhfQv5rFpcwwD3LoDQKf0Ta2RN-Ev5qP5_1VHWHLaArZGSswvI9Iijfv1CiXg&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4
Frame ID: D91267DD248A37AA134C326C15EDE75D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: DED541347BF973EE11DF3236EA83D5A4
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 0ECD9A2E0F96E14230E1D5E4EDB0D097
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 34F1B91A7F86E2C0FBB5A27922C8DF9E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: EB5811C5D0B8173DDE5E139CF6A15FEE
Requests: 15 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Frame ID: 77C2719DF63C0C311D4C22895D648EC5
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-dzjwAEwAQ&v=APEucNXxiczpvrEhk5OBdk5spZSoNg82LzWjw09ttHM_VxaT5RzsXzUaK7uXwzuVYdLqOkn-LAYqcQENN8SAgc4G9eBLHP_yfAf-CjWPpDjkcwiSD-njwphcPK_7HPUacExHDv8PS3BX0C8CFEjQh2vHfkFJCB3mu-6BC5tu1DEysFqRdQCnaFs
Frame ID: D7F088BCC77BFDFC33C029B45C6623AA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F88AC910BB7F100BE0D81AA32D8956C2
Requests: 18 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 14E90407AF60789415D5F2FDE24E1535
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9CC9886A01B55EE94EB7CD9D8C7BD14
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: DE8FB355408321DEBB54498956E05152
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
Frame ID: E90F2B49794C0AA11446E49A87DE57DF
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 926C6AAD12B815112E27189F741A5C7B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 6F44FE306364BD18FEEDEEB9FD1F8B21
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3B07B030CA40B2C028D74E4DCBC9A1ED
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Frame ID: 22F438FA067E7A28395282C8B5772BD8
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC892CB9FC5ACF898A27D3F66AD52F9B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 4446FAE0E4E63BF94EB28ED6F40CC3FA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: BDCF3F9563F95421E94C977206BB3CE8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: 6798DFA85A7B8E9999F13AC646C5379F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DA53F0F9CDB1AD429832CBCD5AF01BAB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB1454FC5252E5C02BEBEB4A2802CBCC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The biggest CS:GO gamble sites listing | CSGOWinner.com

Page URL History Show full URLs

https://csgowinner.com/ HTTP 301
https://www.csgowinner.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

216
Requests

94 %
HTTPS

46 %
IPv6

20
Domains

27
Subdomains

23
IPs

6
Countries

8220 kB
Transfer

11628 kB
Size

23
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCrysyrTFQcD2e9XOxP2_S7w

Search URL Search Domain Scan URL

URL: https://www.facebook.com/csgowinner

Search URL Search Domain Scan URL

URL: https://www.twitter.com/csgowinner_com

Search URL Search Domain Scan URL

URL: http://steamcommunity.com/groups/csgowinner_com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://csgowinner.com/ HTTP 301
https://www.csgowinner.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ13xet-fZdbOJcWv9fgPyomcqASZlJ-HdZ2H9rnmEcGyiaTHPBABIJnv7xFglYq2gsQHoAHf1-LPA8gBCagDAcgDSKoEhAJP0JzUxz4bVVsAiERkBuUT0gPZPqGVLxIZ5sbfEPLmc5BWnn3S_7i9W5ORhm7qBWgYBRiqct-XDGyeeBWWdBzNIsApped2BpiRyJi7kQ_rlxKungw_bnY6iD9zcURXEPPa29NPsjFL4BdT6gdRxknGfpPWwcNJBzC1zk9vuULgYwoK-uzoEeqR8KwNhKS3TRcnf1kp9EP5FO9aMcJIbTyddQRKseUPyvoV2ak9iKON7yZ7ak8qKQUND7KJ9ExsbSZ649StAjVqnjy0AfiipasS3DeS-1g-SfdZ2ss12vLTo_AzT8TP7hiBsuqLMvFf6eT97KbBVjFA--8KIkbNnIvqrCX7fMAEvPumj7MEiAWditKaS5IFBAgEGAGSBQQIBRgEoAYugAemwZvQAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEK-aBtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYirWSvqvVgwOaCeQBaHR0cHM6Ly93d3cudXB3b3JrLmNvbS9oaXJlL2xhbmRpbmcvP3V0bV9zb3VyY2U9R0ROJnV0bV9tZWRpdW09RGlzcGxheSZ1dG1fY2FtcGFpZ249RGlzcGxheV9HRE5fSU5UTF9NYXJrZXRwbGFjZV9Qcm9zcGVjdGluZ19TQitfQWZmaW5pdHkmdXRtX2NvbnRlbnQ9QWZmaW5pdHkmdXRtX3Rlcm09NjY5NDAzNTk5NTc0JnV0bV9jcmVhdGl2ZT1TNC1CYW5uZXItRGVzaWduJkNyZWF0aXZlLUZsZXhpYmxlgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTE3MDI4NjY3NjM0NjI5MTYYAA&sigh=On_Gg4GKWQ4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211689732638749131566%22,%22debug_reporting%22:true,%22destination%22:%22https://upwork.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972598239%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228023851575820274433%22}&andc=true

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1G78WEDWUrVFUyknpDO2k&google_cver=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ-ffE-rEtHhh8QymUIJ8QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENe4U-PQllFHzc3WEKjnbIw&google_cver=1

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgQrCQyMNp7wnYVHgl9KPs&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgQrCQyMNp7wnYVHgl9KPs%26google_cver%3D1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzNzM2MzQ3NDE4NzU0NDY5NA%3D%3D

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 150

https://googleads.g.doubleclick.net/pagead/adview?ai=CNsjhet-fZdjOJcWv9fgPyomcqASGpKOSdZzk88PeEGQQASCZ7-8RYJWKtoLEB6AB_9uKyAPIAQGoAwHIA8sEqgSFAk_QEzNAqX-sBemcMqHC_qIUXUehS7Ym_kO9tZ56AU0KNan_tkq1_RnzCMC24WZuWdMeB8HAwk0QH4UWNPA6Gh2aZ9quuRaFyYcfBRM0NZctbcwQ2WvsPScoHMRPob36c7j8RHuJB-ojDaysktrHuwws85bnQNcMHZvuOy7tJPcvS6QKDAURspCL2uQGM9Z0BAYYz5WnepMysSV0CdENmVXdn-_vMJxFEBr0RDTEKLIdo2g73ubB_1r97HRr0qXiYkMoeQD1kwFj6PGYXogUfk5tYjlvdi95mV4k92dZkWnNAyLrPi08_CmrETk3Jvss1ZFCq1HyWSGNNd7gDTbq7987UNwvtcAEwvW2tJ0DiAXx84TCLJIFBAgEGAGSBQQIBRgEgAfw7qyiAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMi2EdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYirWSvqvVgwOaCZABaHR0cHM6Ly93d3cuZ3JhbW1hcmx5LmNvbS9hP3V0bV9tZWRpdW09Y3BjJnV0bV9zb3VyY2U9Z2RuJnV0bV9jYW1wYWlnbj0xMTk0OTY1MjQ2NSZ1dG1fY29udGVudD02Mjk5NzI3MDg3ODImdXRtX3Rlcm09d3d3LmNzZ293aW5uZXIuY29tJmRldmljZT1jgAoByAsB2BMLiBQC0BUBgBcBshccChoIABIUcHViLTE3MDI4NjY3NjM0NjI5MTYYAA&sigh=6qUz2pQ2f4w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217556072658701059734%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226394485654784437089%22}&andc=true

Request Chain 175

https://googleads.g.doubleclick.net/pagead/adview?ai=ChIPeet-fZaeTJKmT9fgP0s-D2AnL6OrNbayDp7SuEsXbibyFKhABIJnv7xFglYq2gsQHoAHz08vTA8gBCakCy-cgq6ttsj6oAwHIA8sEqgSCAk_Q1Gst7Xi4ONoVmjV3Q53ibD0E44ku75ApQbinirkFqMH6q03kFze6IA8lmwU11GulmLj8BUZH1MVF239tMco6x0r4JMEmE1RQ4hB7Id2dEgt3kFx7_BiS1ANZoRVmfCFAD_tq6JS133us8TxKN96B53RT5SkFbFCe3r5057UUa8pRTYAcYooXN2_cOproZnP2VBvNys5nSSpC00akSmc-jLdqLWoWgk8p4NyGm6gj4nUkY8QkpNrEQu4Tc8woa0YzimEg3AqaUj905_AYIfJafrkjATxlI0e15rTAjMC2sqdT9ZccFxaFW5gZHvdR9SPfURtgbIFiC63mEBhuvZbossAE4MmP7pkEiAXtq8rvRpIFBAgEGAGSBQQIBRgEoAYugAfPl7ovqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6Lof0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljj95C-q9WDA5oJFmh0dHA6Ly93YXJ0aHVuZGVyLmNvbS-ACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTE3MDI4NjY3NjM0NjI5MTYYALIYBRguIgEA&sigh=Jdxgvj8N04A&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_FeZ4eT9wj3YK1wUlJsrfN_zSGGIyFjWIeMgmdqhIgRPn9Y7YKaANlYguxdC63Yssh76gwPe9QZY6F3A09gcPvpJ-UUJK0ejAk5AYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228853990773378149669%22,%22debug_reporting%22:true,%22destination%22:%22https://warthunder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980609523%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212341781001955422945%22}&andc=true

Request Chain 177

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cver=1&google_push=AXcoOmRHrgpdHxmpFjEkijYQPR1c27TpRXTjiILYsY0MUXKsPjeMgA4XQfs-k8vmKNH7VzaAZLfqIPBwkqeWw2t8V33veSQBdFhdE4s HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cver=1&google_push=AXcoOmRHrgpdHxmpFjEkijYQPR1c27TpRXTjiILYsY0MUXKsPjeMgA4XQfs-k8vmKNH7VzaAZLfqIPBwkqeWw2t8V33veSQBdFhdE4s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QllFZmhVenkxUm5VY1k1&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cver=1&google_push=AXcoOmRHrgpdHxmpFjEkijYQPR1c27TpRXTjiILYsY0MUXKsPjeMgA4XQfs-k8vmKNH7VzaAZLfqIPBwkqeWw2t8V33veSQBdFhdE4s

Request Chain 178

https://um.simpli.fi/gp_match?google_gid=CAESEBX4d0guxa5uL5vjNjFtKmc&google_cver=1&google_push=AXcoOmTuHQg4qZvogmnseZlt0TZdqP-1ViHRkLo1yLPIPedzhHnhGg7tYzfVH0xIeGEFBSu-WmeJXm3F9QJKaw5I7jh4iUhWXA5Lp1c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9534B0BCF99C4A468E610B0F224F66F4&google_push=AXcoOmTuHQg4qZvogmnseZlt0TZdqP-1ViHRkLo1yLPIPedzhHnhGg7tYzfVH0xIeGEFBSu-WmeJXm3F9QJKaw5I7jh4iUhWXA5Lp1c

Request Chain 179

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0aGVpuUKb2mCdOjLaOn-_-U5T0U HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0aGVpuUKb2mCdOjLaOn-_-U5T0U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NTk2NzE2NjQwNzEzNzYzNg&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0aGVpuUKb2mCdOjLaOn-_-U5T0U

Request Chain 180

https://d5p.de17a.com/cookies/google?google_gid=CAESEM4vU5BYJK_EuJ-tFnRTlbc&google_cver=1&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlYYXvj7_Xg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEM4vU5BYJK_EuJ-tFnRTlbc&google_cver=1&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlYYXvj7_Xg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlYYXvj7_Xg

Request Chain 182

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZzEKD1Dj-_8l2_5UDl0-7b8_eU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZzEKD1Dj-_8l2_5UDl0-7b8_eU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ4MDQyMDA3MjU1NzExOTIzNg&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZzEKD1Dj-_8l2_5UDl0-7b8_eU

Request Chain 183

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIWu0IxRMHWHlrPmVoLIFJ4&google_cver=1&google_push=AXcoOmRz6tM142yF987C24W4ritbDjH3LXBFm7_kGnHF5E06LvgDZz7pjg2wJ5PVgY-L-ESY0hXXrp7Cl4-2YYcNhll9H-b9UN2bRwQu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRz6tM142yF987C24W4ritbDjH3LXBFm7_kGnHF5E06LvgDZz7pjg2wJ5PVgY-L-ESY0hXXrp7Cl4-2YYcNhll9H-b9UN2bRwQu HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 189

https://googleads.g.doubleclick.net/pagead/adview?ai=C0a_rfN-fZah414z1-A-Y0IpYy-jqzW3Ug6e0rhLF24m8hSoQASCZ7-8RYJWKtoLEB6AB89PL0wPIAQmpAsvnIKurbbI-qAMByAPLBKoEiwJP0M9RHEAvQRMHHztMAfdkXnXbCX0SYPnj52htwIe5RHO73bh1nt3JhUuCT7FgMaUQloH5cDpySo_61MePugaUE1b94tsBtTNiuJa87CZz6IS1EvyKqKAqzMLeevhIWbyDofqje3fYSNdXc5n2kIZTmrHBC9syEOE13hlTe0IYoOTu6GAb1x8iV8JaG9bMU-rrEUG9ppc6aAHvEvE25UCxZwTTtJ8lCQ9SeDirEBl_I2Fi2XOM_JfKq5K-7MVmAx-q0LgBwAgnkfOoTRiSdlLV2TkAeGUritCgUypYD0RCUHaN2gbsLHloWU16FypTpeEM9jG7OQoTRaj6pqBp0Tmq8oaG0Fyr8qutJHnABODJj-6ZBIgF7avK70aSBQQIBBgBkgUECAUYBKAGLoAHz5e6L6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOf1CNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYnuHnvqvVgwOaCRZodHRwOi8vd2FydGh1bmRlci5jb20vgAoByAsBogwIKgYKBKy6sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMTcwMjg2Njc2MzQ2MjkxNhgA&sigh=57AciR3eh2Q&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_AGvvJmLxn3gRUfg2Ie1AOyPdXl0OXG4Opi3duznGupyJxbzYz4gYC33KTmUEsIGNZ-9amfpNKBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214717448298529642889%22,%22debug_reporting%22:true,%22destination%22:%22https://warthunder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980609523%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229524867499648371905%22}&andc=true

216 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.csgowinner.com/
Redirect Chain

https://csgowinner.com/
https://www.csgowinner.com/

25 KB
5 KB

122ms
53ms

Document
text/html

81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: cb3116def1a116ef898d8832dae3977d186806688e27d0f2272810d362da509c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4303
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Jan 2024 12:30:50 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PleskLin

Redirect headers

Connection: Keep-Alive
Content-Length: 300
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 11 Jan 2024 12:30:50 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.csgowinner.com/
Server: Apache

GET
H/1.1 200
OK style.min.css
www.csgowinner.com/css/ 18 KB
4 KB 27ms
27ms Stylesheet
text/css 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/css/style.min.css
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5d79022f45ec1f26e7482de77a0b71e28b1be1085b4162284af65ee787f7d53c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Jan 2021 16:41:23 GMT
Server: Apache
ETag: "4669-5b96bbdf2d2c0-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3795
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK font-awesome.min.css
www.csgowinner.com/css/ 28 KB
7 KB 55ms
27ms Stylesheet
text/css 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/css/font-awesome.min.css
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2016 09:44:28 GMT
Server: Apache
ETag: "7187-532b61eef7700-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6666
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Germany.png
www.csgowinner.com/img/lang/ 292 B
602 B 77ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Germany.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: d38352829ca38502cc18ecfaf0cf1e8a902b254ffaf17cc4ce4a678e89c830fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "124-4d76956a47900"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 292
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK United-States.png
www.csgowinner.com/img/lang/ 389 B
699 B 79ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/United-States.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 1590f871a620b6f171f4a03b2f9b06cf25c21101d71b8a3905eb0f02f7bf86bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "185-4d7695a750900"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 389
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Turkey.png
www.csgowinner.com/img/lang/ 489 B
799 B 76ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Turkey.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: a3eb96eb32ba1e63c6c8e6931e50260c38c12d0ee0a36157144fc527c6a0b46c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1e9-4d7695a380000"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 489
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Russia.png
www.csgowinner.com/img/lang/ 287 B
597 B 77ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Russia.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "11f-4d7695906d300"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 287
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Poland.png
www.csgowinner.com/img/lang/ 290 B
600 B 53ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Poland.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 02eb4635a154110cef52f4b19949630a4caa6065dfae9b4eb4c2ed5f6ad017f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "122-4d76958e84e80"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 290
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK Netherlands.png
www.csgowinner.com/img/lang/ 295 B
604 B 46ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/lang/Netherlands.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 44df7cfc5c2ac696735be3dc6868464527d7532ba27c1b457bb5c8475dcc3917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "127-4d769584fb800"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 295
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK logo.png
www.csgowinner.com/img/ 3 KB
3 KB 47ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 6ebc15f291d34f9c00142d250aeed6adbfb0c23a60766d5619d7e7488814d570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "c92-5359179c46f40"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3218
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgoempire.png
www.csgowinner.com/img/supporter/ 7 KB
7 KB 48ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/supporter/csgoempire.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 9a6ba8e7f261b6df6ee177bd8acd88a5998e7b9372e25ee82f05abd02d1dffb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1b30-59be76f250100"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6960
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgofast.png
www.csgowinner.com/img/supporter/ 21 KB
21 KB 82ms
31ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/supporter/csgofast.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: ffd64ed138a4765a5e50d9b4f3e1741bc96b54711f2ac6c47ba5f6ac881bae29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "5432-553e145011880"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 21554
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 404
Not Found 96fx96f
steamcommunity-a.akamaihd.net/economy/image// 0
2 KB 256ms
197ms Image
text/html 95.101.54.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://steamcommunity-a.akamaihd.net/economy/image//96fx96f

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.54.195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-54-195.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Content-Encoding: gzip
Date: Thu, 11 Jan 2024 12:30:50 GMT
Last-Modified: Fri, 01 Jan 2010 00:00:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=60
Connection: keep-alive
Content-Length: 20
Expires: Thu, 11 Jan 2024 12:31:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 130ms
108ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a1ad5ad2b168fb2aa8a1b871e1b7cfc08905ff7a7d92bbeb5399642858421e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51596
x-xss-protection: 0
server: cafe
etag: 8720704727041180108
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:50 GMT

GET
H/1.1 200
OK csgoempire_logo.png
www.csgowinner.com/images/logo/ 7 KB
7 KB 74ms
29ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgoempire_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 0f38d474df76c934e63f0795a86afc2c0f43fa7f68f71f0a8dbecde5cc407fde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1a70-5b9081706a62d"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6768
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgoempire_com_screenshot.png
www.csgowinner.com/images/preview/ 48 KB
48 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgoempire_com_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 46fca5bc03de756ba3e8dd391fbc426e997ad3e4ec25b5d4d558097fb36fd6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "bfd0-5b908170824fd"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 49104
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgofast.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 182ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgofast.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 8c287fb55c8e47837e5db868c506af289a781e0e23e26542a54bab953fc1ffb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1653-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5715
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgofast_match_betting_classic_jackpot.png
www.csgowinner.com/images/preview/ 52 KB
52 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgofast_match_betting_classic_jackpot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: f6b74ce0132ebbc0b21b93fd3e33e3654d4b6c64d77a8ed8eb972a823c9f3595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "d066-540427f75d080"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 53350
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgoroll_com.png
www.csgowinner.com/images/logo/ 27 KB
28 KB 105ms
29ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgoroll_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 03dc6d2ed3949907c7c3a4e9bec2450fe8f54fcd4e809e5b9f52ad10e63f4899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "6da4-54042803c2dc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 28068
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK CS_GO_Roll_crash_game.png
www.csgowinner.com/images/preview/ 35 KB
35 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/CS_GO_Roll_crash_game.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: b27e8bedcc2d6768e063b1e560eac8588c5289b386f0044957d7f9b4e0dee063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "8a62-54044bf00ae80"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 35426
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgo500com.png
www.csgowinner.com/images/logo/ 2 KB
2 KB 105ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgo500com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: fb95b15a656443132dc0d73391a091f5226fda25d4f196708f5d6387b4dedf96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "665-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1637
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgo500_com.png
www.csgowinner.com/images/preview/ 26 KB
26 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgo500_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 8cbbe56157eeb0b9eb02e18ac9a725364a4e49507f9097f3be666ddc608cae2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "68c3-54044bc42c700"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 26819
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopositive_com.png
www.csgowinner.com/images/logo/ 34 KB
34 KB 161ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgopositive_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: d77952a0a550490748d0a1fd6d8678f55d975c49393036e0383cdda47de30115

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "87b4-5546392af22c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 34740
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopositive_com.png
www.csgowinner.com/images/preview/ 33 KB
33 KB 27ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgopositive_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: b4320212081e66aa38a7db937e407fb3a160f0facde884ac6b4edac60e01c581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "8422-554708987c500"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 33826
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopolygoncom.png
www.csgowinner.com/images/logo/ 7 KB
7 KB 186ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgopolygoncom.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: b3e6114f446c5024498df5f4d31c11906c1f544fd345a952b48c947f1340d7e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1bc9-540427f668e40"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 7113
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgopolygon_com_screenshot_2020.png
www.csgowinner.com/images/preview/ 39 KB
39 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgopolygon_com_screenshot_2020.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5d19ee104570129d5d62a2abe03a575e24fb2065f47e397e1cac255ce9a705e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "9bf4-5b908120452cd"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 39924
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgohowlus.png
www.csgowinner.com/images/logo/ 2 KB
3 KB 74ms
30ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgohowlus.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 777ec37f18f4f6b8b25a28728580c4eab8b3b87a62305e67cc2da8ec33de36b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "916-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2326
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgohowl_us.png
www.csgowinner.com/images/preview/ 24 KB
24 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgohowl_us.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 20d23c9cce0d600760903a969ae1dca144537dc1aec81a644cb50abdb90275f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "5edb-540428744b740"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 24283
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rollbit_logo.png
www.csgowinner.com/images/logo/ 4 KB
4 KB 176ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/rollbit_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 199d9e9059d6b7b70055caaca073e2baae78d8d60e65e7e8122eb90092eec713

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1078-5a54b902494c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4216
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rollbit_screenshot.png
www.csgowinner.com/images/preview/ 36 KB
36 KB 27ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/rollbit_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 0cab69b0150e4b5fd510f5aa6f9523e2f9c9e861c80d8049e43ee4c866eea99e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "9013-5a54b902494c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 36883
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK gamdom-logo.png
www.csgowinner.com/images/logo/ 3 KB
3 KB 158ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/gamdom-logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 63e7fd3b97891f08d6f1c202a08a08dad5ba1f863e8a2ccc61e0bfaca9a63104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "af2-5b9087e3510ce"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2802
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK gamdom-screenshot.png
www.csgowinner.com/images/preview/ 54 KB
54 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/gamdom-screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5da155d3ca2f5e066f6e0a45f3f9d08bbfbabe037e522642436fa2c9174f3822

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "d7e5-5b90862e6d9e3"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 55269
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK sclash_gg_logo.png
www.csgowinner.com/images/logo/ 6 KB
7 KB 149ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/sclash_gg_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 44254363fc2f102b3bf465aebcc45c1f02e2be3ac27791865be1060c00bd59b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1990-5feac07c64f9f"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6544
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK sclash_gg_screenshot.png
www.csgowinner.com/images/preview/ 54 KB
54 KB 29ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/sclash_gg_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 1f765c8e2fccb3263555175fc73f5fc13f8157d5ac04190f942bff8baf143f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "d672-5feac07ca2801"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 54898
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rustix_logo.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 134ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/rustix_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: e4aa77873ae0f5d483f306952bfe612d98e16ef913f31c4b0673929ef86b1c65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "16ce-5feac1ac74451"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5838
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK rustix_screenshot.png
www.csgowinner.com/images/preview/ 32 KB
32 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/rustix_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: ab1a28b09c89595ba0f4b502bf4b905df55f92ea5cac6445ae84052ae3c8b1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "7f63-5feac1acb5f1b"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 32611
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK insane_gg_logo.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 73ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/insane_gg_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 5ab68e592ac2d966e7007a776edf0ad97d7b3bc8b60ab1347441ab0513720cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1879-5feac3c098be6"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6265
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK insane_gg_screenshot.png
www.csgowinner.com/images/preview/ 60 KB
61 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/insane_gg_screenshot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 9b4979df8bfc20adf5e598bfbd458bc75e31b4158b8bd4be5ce0efac6ecc9497

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "f12f-5feac3c0f3139"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 61743
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK farmskins_com.png
www.csgowinner.com/images/logo/ 37 KB
37 KB 104ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/farmskins_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 4739c37317987b888b06374bdf8ff0171d30618629a434f6f825a5669c343c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "92a4-54bf1e83bfbc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 37540
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK farmskins_com_case_opening.png
www.csgowinner.com/images/preview/ 49 KB
49 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/farmskins_com_case_opening.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: ea63ce1b2a485b9800aa531b2ce16ee49c4bc14aa78ca725ccde2f9488c54725

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "c31c-54bf1e82cb980"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 49948
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK hellcase_com.png
www.csgowinner.com/images/logo/ 11 KB
11 KB 159ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/hellcase_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: a6bc36e79ba0dab4e04ba487397f07627e0236e281f550a1022c291b406ed859

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "2bff-5404281d82a80"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11263
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK HELLCASE_open_cases_CS_GO.png
www.csgowinner.com/images/preview/ 46 KB
47 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/HELLCASE_open_cases_CS_GO.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: c69de2ade9274cb24e61b4b229e5671c3ba96cb4dc3a74532bb67f334ced6eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "b967-54044bf1f3300"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 47463
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK cs_money.png
www.csgowinner.com/images/logo/ 793 B
1 KB 120ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/cs_money.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: db79517b7a05edf295f973e5edf5685c8c7c625c713ffc14c9221d58bd8e24da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "319-54c0464c89380"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 793
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK CS.MONEY_CS_GO_Trading_Bot.png
www.csgowinner.com/images/preview/ 45 KB
45 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/CS.MONEY_CS_GO_Trading_Bot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 1d2ebef5cb88188e11bc1278256887405a23560e31c797fe3054f1beeb4a3ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "b3f7-54044bf0ff0c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 46071
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK datdrop_com_logo.png
www.csgowinner.com/images/logo/ 33 KB
33 KB 155ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/datdrop_com_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 76271d26de2ef4a92554784dbd313ff18c2351aeca003204a110fcd7ebe31cd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "820b-55f4949534ac0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 33291
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK datdrop_com.png
www.csgowinner.com/images/preview/ 39 KB
40 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/datdrop_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: e100674ed0fd5275a2cabb99db8e14c19e89f9010b5da60e4c6784c2b0e522be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "9ce5-55f4949534ac0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 40165
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK pvpro_com.png
www.csgowinner.com/images/logo/ 14 KB
14 KB 187ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/pvpro_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: cdad555a81d211db7836ba1f6d36e6cd1e3431a247a8ea5d61ebcfc4573d647e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "3621-54042803c2dc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 13857
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK PvPRO_CSGO_1vs1_games.png
www.csgowinner.com/images/preview/ 57 KB
57 KB 28ms
28ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/PvPRO_CSGO_1vs1_games.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 9e26ac48adcbf43b74eff0774888dde0ad05b0593295b65574e8725ff04d24d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "e47e-54044c1077b00"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 58494
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgetto_com.png
www.csgowinner.com/images/logo/ 34 KB
34 KB 103ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/csgetto_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: fd995724e7abb3af88abe834b55be70de1da605acf321aeb241a25326448cace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "8890-54c0942ff5680"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 34960
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK csgetto_com_jackpot.png
www.csgowinner.com/images/preview/ 56 KB
56 KB 27ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/csgetto_com_jackpot.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 217c17b6cd94d35015ac89cf1c29ad469ad2cf17f1789387a9b1418da928ab00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "dea5-54c09430e98c0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 56997
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK primedice_com_logo.png
www.csgowinner.com/images/logo/ 6 KB
6 KB 174ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/primedice_com_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 44f4aee0d1453ce449f0face3ffe70707fbb83bce3c653d4faa339339b7c621a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "1644-57f0ba3eadfc0"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5700
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK primedice_com_screen.png
www.csgowinner.com/images/preview/ 21 KB
22 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/primedice_com_screen.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 36ea03ae73d9ba9883ed8420c796d7661df4846a17aadae944941716dc97c07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "54d7-57f0ba3fa2200"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 21719
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK roobet_com_logo.png
www.csgowinner.com/images/logo/ 5 KB
5 KB 189ms
27ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/logo/roobet_com_logo.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 67d70e67f86468efb430662fb2617e2288984f995246d58cb7f8037b7d25d4d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "13eb-59be107102a00"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 5099
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK roobet_com.png
www.csgowinner.com/images/preview/ 39 KB
39 KB 26ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/images/preview/roobet_com.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: acde349098d7d482fff028104b7d8f87bf6593f5436a7d7e6ca3a543a8ecb131

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "9c07-59be107102a00"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 39943
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK jquery-3.0.0.min.js Show response
www.csgowinner.com/js/ 84 KB
30 KB 30ms
30ms Script
application/javascript 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/js/jquery-3.0.0.min.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Content-Encoding: gzip
Last-Modified: Sat, 18 Jun 2016 18:22:02 GMT
Server: Apache
ETag: "15145-535918c2f6680-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 30005
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK design.min.js Show response
www.csgowinner.com/js/ 1 KB
784 B 151ms
27ms Script
application/javascript 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/js/design.min.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 36a084f537375d0519cc402e60b8ef780656a5acf18d7916fe2a6d2e9b6fa153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2017 23:43:50 GMT
Server: Apache
ETag: "4fe-54bfb43cdf980-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 387
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK home.min.js Show response
www.csgowinner.com/js/ 2 KB
1 KB 26ms
26ms Script
application/javascript 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/js/home.min.js
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 71636cc0df2794b439212c2c77b0aab204391926b754b69dcc779f0d83778362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Content-Encoding: gzip
Last-Modified: Sun, 09 Apr 2017 15:36:04 GMT
Server: Apache
ETag: "686-54cbd9dd40100-gzip"
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 693
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK header.png
www.csgowinner.com/img/ 222 KB
222 KB 46ms
26ms Image
image/png 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.csgowinner.com/img/header.png
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 80248151b5242dbf4c2291e7d6e9140d38ccefa9d2afe5bd04929ad231750ab6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/css/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Server: Apache
ETag: "37637-535918563e600"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 226871
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.csgowinner.com/fonts/ 75 KB
76 KB 50ms
26ms Font
application/octet-stream 81.169.142.103
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: https://www.csgowinner.com/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.csgowinner.com
URL: https://www.csgowinner.com/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.169.142.103 Lalendorf, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: h2887616.stratoserver.net
Software: Apache / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.csgowinner.com/css/font-awesome.min.css
Origin: https://www.csgowinner.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 12:30:50 GMT
Last-Modified: Tue, 25 Oct 2016 09:38:00 GMT
Server: Apache
ETag: "12d68-53fad439fee00"
X-Powered-By: PleskLin
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 77160

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 403 KB
136 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1702866763462916&plah=www.csgowinner.com&bust=31080217

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6e78a0af9d15c55b5d09fba9285f5d4e1d9d55dcd08ac1ea914e076423d098b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139437
x-xss-protection: 0
server: cafe
etag: 17499376560111667099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:50 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame CE44 9 KB
4 KB 33ms
9ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 23:21:02 GMT
etag: 9219409622527106327
expires: Wed, 24 Jan 2024 23:21:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Jan 2024 11:22:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4103
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 11 Jan 2024 13:22:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=864668929&t=pageview&_s=1&dl=https%3A%2F%2Fwww.csgowinner.com%2F&ul=en-us&de=UTF-8&dt=The%20biggest%20CS%3AGO%20gamble%20sites%20listing%20%7C%20CSGOWinner.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=769479750&gjid=945508428&cid=87196440.1704976251&tid=UA-75922103-1&_gid=913227435.1704976251&_r=1&_slc=1&z=2048114294

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

97fe4d79aea42c609f78ad3de0492dc9aa285e7fcb2bd9f1c06e5e1ffac2cd73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.csgowinner.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csgowinner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4702 120 KB
40 KB 1050ms
1049ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&slotname=9683034901&adk=2356769020&adf=536986986&pi=t.ma~as.9683034901&w=1000&fwrn=4&fwrnh=100&lmt=1704976250&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976250374&bpp=2&bdt=160&idt=174&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3895014691616&frm=20&pv=2&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1702866763462916&plah=www.csgowinner.com&bust=31080217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bc06175d6292c9a5e24f6ead52b88e82b14c80c785a218222b66d02e98f6aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40868
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:51 GMT
expires: Thu, 11 Jan 2024 12:30:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
82 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8XXKX2F00B&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13ddc15256ba748a2b35949560db377c751900325c8298660c526df07b471b86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 12:30:50 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27FC 558 KB
106 KB 1354ms
1353ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&adk=1812271804&adf=3025194257&lmt=1704976250&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976250490&bpp=2&bdt=276&idt=93&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&nras=1&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=104

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c00d9db036fc9d3413c9a568f74f74c9ee90164faee944260f3fb7446dc27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 108601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:51 GMT
expires: Thu, 11 Jan 2024 12:30:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 42ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8XXKX2F00B&gtm=45je4180v9111405220&_p=1704976250582&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=87196440.1704976251&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.csgowinner.com%2F&dt=The%20biggest%20CS%3AGO%20gamble%20sites%20listing%20%7C%20CSGOWinner.com&sid=1704976250&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=728
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8XXKX2F00B&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.csgowinner.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4702 4 KB
728 B 868ms
846ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&slotname=9683034901&adk=2356769020&adf=536986986&pi=t.ma~as.9683034901&w=1000&fwrn=4&fwrnh=100&lmt=1704976250&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976250374&bpp=2&bdt=160&idt=174&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=3895014691616&frm=20&pv=2&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 12:16:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4702 2 KB
903 B 32ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:11:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17433254192864299144/ Frame 4702 32 KB
32 KB 34ms
14ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17433254192864299144/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26d5c30ccae7716608f10699d2c44f12fb51745b45a3162395a5a8a70cf498be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 00:40:06 GMT
date: Tue, 09 Jan 2024 00:40:06 GMT
x-content-type-options: nosniff
age: 215445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32692
x-xss-protection: 0
last-modified: Tue, 09 May 2023 09:22:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15220250017186742233/ Frame 4702 5 KB
5 KB 39ms
20ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15220250017186742233/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c9dc56245809e7ca7a24bd4dd1068b45bb4b7fc0a6f2004c6ae844cec0bca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 20:06:56 GMT
date: Mon, 08 Jan 2024 20:06:56 GMT
x-content-type-options: nosniff
age: 231835
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4780
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 13:47:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 4702 23 KB
9 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 03:20:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4702 3 KB
1 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:12:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 4702 20 KB
9 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4702 205 KB
65 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:51 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 4702 37 KB
16 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 22:18:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:22 GMT

GET
DATA 200
OK truncated
/ Frame 4702 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ff2033e74ba7554d446cf7b9bb6856e9a210c85ce50b5889a182494ba20c3df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 162 KB
55 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/reactive_library_fy2021.js?bust=31080217

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a079abd1a5c37ba2ffd78d0cc51a980b5287be75c7a889b102bcfdfcfe052f18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56264
x-xss-protection: 0
server: cafe
etag: 17903880953418386027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:51 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52D9 134 KB
44 KB 457ms
457ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1704976251&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976251991&bpp=1&bdt=1776&idt=-M&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe104226049cfe71%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw&gpic=UID%3D00000d3f715d7af0%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw&prev_fmts=1000x280%2C0x0&nras=2&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&psts=AOrYGsn3JqZ8_a_i7ZUt9PQ41sD1BwlJmQhfQv5rFpcwwD3LoDQKf0Ta2RN-Ev5qP5_1VHWHLaArZGSswvI9Iijfv1CiXg&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec950c4d2f322ea29f6f26a00d4a5290c73b8d65589f00a4145cb95c397dae74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44610
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
expires: Thu, 11 Jan 2024 12:30:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D912 430 B
232 B 292ms
292ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=90&adk=236785816&adf=3348424040&pi=t.aa~a.236152423~rp.4&w=1180&fwrn=4&fwrnh=100&lmt=1704976251&rafmt=1&to=qs&pwprc=9300450939&format=1180x90&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976251991&bpp=1&bdt=1776&idt=0&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe104226049cfe71%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw&gpic=UID%3D00000d3f715d7af0%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw&prev_fmts=1000x280%2C0x0%2C1200x280&nras=3&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2196&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&psts=AOrYGsn3JqZ8_a_i7ZUt9PQ41sD1BwlJmQhfQv5rFpcwwD3LoDQKf0Ta2RN-Ev5qP5_1VHWHLaArZGSswvI9Iijfv1CiXg&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fee88926b9424bc1ace21c774a24827353f305b94905ba1c9ec632ccd3fcf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
expires: Thu, 11 Jan 2024 12:30:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame DED5 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 05:25:37 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 05:25:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 0ECD 9 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 05:25:37 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 05:25:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 34F1 9 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 05:25:37 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 05:25:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame EB58 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 05:25:37 GMT
etag: 9219409622527106327
expires: Thu, 25 Jan 2024 05:25:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame DED5 4 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 11:42:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DED5 205 B
520 B 9ms
8ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:51:36 GMT
x-content-type-options: nosniff
age: 232756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Jan 2025 19:51:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame DED5 604 B
696 B 10ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:13:03 GMT
x-content-type-options: nosniff
age: 184669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 09:13:03 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame DED5 16 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:47:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 08:47:58 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame DED5 22 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 20:31:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 20:31:27 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame 77C2 9 KB
4 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:42 GMT

GET
H2 200 9e7d3f247d8b0aa5115615da07ecb571.js Show response
www.gstatic.com/mysidia/ Frame 77C2 42 KB
16 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e7d3f247d8b0aa5115615da07ecb571.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f6db744eeb76ff8647b8791179a3f7d92e9a8a4a0e339d907b0c4b2869224c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16673
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:56:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 77C2 2 KB
861 B 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:11:09 GMT

GET
H2 200 e9e356ec41155b008235c83648cb19be.js Show response
www.gstatic.com/mysidia/ Frame 77C2 23 KB
10 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9e356ec41155b008235c83648cb19be.js?tag=exit_2019

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9775
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 09:07:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 77C2 23 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 03:20:04 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 77C2 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:12:16 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 77C2 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 77C2 205 KB
65 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 77C2 37 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 22:18:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D7F0 624 B
246 B 139ms
48ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-dzjwAEwAQ&v=APEucNXxiczpvrEhk5OBdk5spZSoNg82LzWjw09ttHM_VxaT5RzsXzUaK7uXwzuVYdLqOkn-LAYqcQENN8SAgc4G9eBLHP_yfAf-CjWPpDjkcwiSD-njwphcPK_7HPUacExHDv8PS3BX0C8CFEjQh2vHfkFJCB3mu-6BC5tu1DEysFqRdQCnaFs

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
expires: Thu, 11 Jan 2024 12:30:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F88A 89 KB
31 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F88A 3 KB
1 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:12:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame F88A 20 KB
8 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F88A 205 KB
65 KB 27ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F88A 42 B
63 B 50ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BjV-nRbWRcks0E-p45UXwD20pUd81XWPq5sUvR0ICcPPw7oL0gwZpnGmuWzQRe73rnvnenCHw0VtCUemVs2zwr8Z4zBpGcwCVF8tVXl1rrhmCBbas

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame EB58 9 KB
4 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:42 GMT

GET
H3 200 67b2cf2770e31c0fa9735c0b8b540980.js Show response
www.gstatic.com/mysidia/ Frame EB58 11 KB
5 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4763
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 00:56:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:47:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EB58 14 KB
1 KB 18ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 10:31:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame EB58 2 KB
822 B 12ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:11:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame EB58 23 KB
9 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 03:20:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame EB58 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:12:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame EB58 20 KB
8 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 09:07:44 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB58 205 KB
65 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame EB58 37 KB
15 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 22:18:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 14E9 14 KB
1 KB 21ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 11:56:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 14E9 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:11:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 14E9 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 03:20:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 14E9 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:12:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 14E9 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 09:07:44 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14E9 205 KB
65 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 14E9 37 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 22:18:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:22 GMT

GET
H3 200 1006756583628856564
tpc.googlesyndication.com/simgad/ Frame EB58 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1006756583628856564?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ec76b50a08dc1091664a0585c13e4117b7c5aacef008deb6cd2563582e20b10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 15:40:59 GMT
date: Mon, 08 Jan 2024 15:40:59 GMT
x-content-type-options: nosniff
age: 247793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4726
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 22:17:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9CC 143 B
166 B 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame DE8F 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

GET
DATA 200
OK truncated
/ Frame 77C2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c15c83c1caab654585cbc98e332e15c89d8d611b41e166a23c55155406f3a87c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 5 KB
1 KB 8ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9e7d3f247d8b0aa5115615da07ecb571.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

386fb406fd0b9bb1afa136a669dce629ae71a95429536e55cf715d756d414722

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 11012
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1151
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 09:27:20 GMT
expires: Fri, 10 Jan 2025 09:27:20 GMT
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EB58 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81e7f4c985fee56945a51b9640332f5406475e6682230a137ed5e63bbdf73010

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 77C2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ13xet-fZdbOJcWv9fgPyomcqASZlJ-HdZ2H9rnmEcGyiaTHPBABIJnv7xFglYq2gsQHoAHf1-LPA8gBCagDAcgDSKoEhAJP0JzUxz4bVVsAiERkBuUT0gPZPqGVLxIZ5sbfEPLmc5BWnn3...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211689732638749131566%22,%22debug_reporting%22:true,%22destination%22:%22https://upwork.com%22,%22event_report_window%22:%2...

0
0

58ms
42ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211689732638749131566%22,%22debug_reporting%22:true,%22destination%22:%22https://upwork.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972598239%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228023851575820274433%22}&andc=true

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11689732638749131566","debug_reporting":true,"destination":"https://upwork.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972598239"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"8023851575820274433"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 12:30:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11689732638749131566","debug_reporting":true,"destination":"https://upwork.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972598239"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"8023851575820274433"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D7F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1G78WEDWUrVFUyknpDO2k&google_cver=1

43 B
338 B

21ms
20ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1G78WEDWUrVFUyknpDO2k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-dzjwAEwAQ&v=APEucNXxiczpvrEhk5OBdk5spZSoNg82LzWjw09ttHM_VxaT5RzsXzUaK7uXwzuVYdLqOkn-LAYqcQENN8SAgc4G9eBLHP_yfAf-CjWPpDjkcwiSD-njwphcPK_7HPUacExHDv8PS3BX0C8CFEjQh2vHfkFJCB3mu-6BC5tu1DEysFqRdQCnaFs
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4lW3HQsAHFLJH8tr4FSifJSNYNUzm4SJl918iWRoeAKcqKHfrkIaK6l04xXG%2BejJ%2Fdhimbu83Q2QQ3YY9cUB0VZLfAMeS3xn34ncBt8MSPDo7ka5v3YGlUHws%2FaSEP9ey9tx70l%2Fz%2Fm8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843d2c691f8090d7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA1G78WEDWUrVFUyknpDO2k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7F0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZ-ffE-rEtHhh8QymUIJ8QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENe4U-PQllFHzc3WEKjnbIw&google_cver=1

43 B
765 B

29ms
29ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENe4U-PQllFHzc3WEKjnbIw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-dzjwAEwAQ&v=APEucNXxiczpvrEhk5OBdk5spZSoNg82LzWjw09ttHM_VxaT5RzsXzUaK7uXwzuVYdLqOkn-LAYqcQENN8SAgc4G9eBLHP_yfAf-CjWPpDjkcwiSD-njwphcPK_7HPUacExHDv8PS3BX0C8CFEjQh2vHfkFJCB3mu-6BC5tu1DEysFqRdQCnaFs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3CO%2FoOJvFT5koxTiJucjcTFcU3kXRzHxwfkLoGbhMr5gE51Szr0Sa8UuxdrHucXsPPvES30CZzLKmuOqAEOOcqkStwFen29lTBCFc3MCcLHv5Kw7OOVp5vy5sboo0ZBAYI6SmGg5IA8ig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843d2c699ee51e18-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENe4U-PQllFHzc3WEKjnbIw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D7F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFgQrCQyMNp7wnYVHgl9KPs&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgQrCQyMNp7wnYVHgl9KPs%26google_cver%3D1

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgQrCQyMNp7wnYVHgl9KPs%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY-dzjwAEwAQ&v=APEucNXxiczpvrEhk5OBdk5spZSoNg82LzWjw09ttHM_VxaT5RzsXzUaK7uXwzuVYdLqOkn-LAYqcQENN8SAgc4G9eBLHP_yfAf-CjWPpDjkcwiSD-njwphcPK_7HPUacExHDv8PS3BX0C8CFEjQh2vHfkFJCB3mu-6BC5tu1DEysFqRdQCnaFs

Protocol

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
an-x-request-uuid: 6e9c634b-8047-4eb7-990a-11d231877ed9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.202; 80.255.10.202; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
an-x-request-uuid: fd939c16-3e78-4226-b8e4-4d7a64172c2c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEFgQrCQyMNp7wnYVHgl9KPs%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.202; 80.255.10.202; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D7F0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzNzM2MzQ3NDE4NzU0NDY5NA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzNzM2MzQ3NDE4NzU0NDY5NA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
an-x-request-uuid: 8010cb5b-3eed-4310-befd-27320992152e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMzNzM2MzQ3NDE4NzU0NDY5NA%3D%3D
x-proxy-origin: 80.255.10.202; 80.255.10.202; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 926C 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F88A 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6052247870897&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F88A 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6052247870897&version=m202309260101&ct=76&x=1&cor=5940007214910640000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F88A 105 KB
39 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Co2v4ZaKgUq1espvG6XyyXRwWKK7KSBRGHGhj8DTTAw4ST6KrUKpk8IlVsernZqg7TFCNuccFI1YUXhBGDRdx2XlIRRpL4D13bFBzcWG1x1uT3Ci1SirNenI2zO-dszokyyjGH-0S4u0oL_cWct9vj8pVMyvbD2vg2XsZPBP9MDtBGeFg&dbm_d=AKAmf-AJbRDLJazWqM9nPg4vKvDVY7sxKFNk9KcYq_eVGmXcsXamhGRvlONG76DXO0J_RyfLhWnzu0CUkmjb-UdlXDEdP3Pe8R0wuzqwJFS05mQXm6vnXWq8uRp2RrW7cxkh2rh-M1RtVGrnhkxZUIoR6V32ce8qiiyFXHrxn1tuZ6dxSzpfC379sklRYlH8hxTBUIsI2CRUFxNwUYPKzdOddzM9MjIkbkNZVEGwHktUE496ZC6extSWXI8qO8Bb77uBhIVjzKeI0ZMljq6uOymi5puu4QRyEnXNyYfsVBvjJklQxiTL-8GzxiAgzecthp5DXYajpEnHkJ8e4bhHzawpKpR6ojsBLEt75XDTfP0OHstikVos7SxJPJeaPHswwe69fWvjse9fXa0OdBUYTLHC5Udy4FcUzP1eha2z7dmZRcezX5hSN8Fj_GhKaPGPtIP44Pk2GyVMGL06JgAfAgU5lugU3EiEc7NqsgJay2XIeJj4QAKo5MovFhiKVLtPcBw0KxYhtEO1-i87ZvGM0t5DeaJp0xskLFgo5cPRoViwSvxAkoYwtN5LsR-j7UyKAiF5nSJMpJTjkxvUOCdv901Tb0YW6Jcf3a793HT5Hp68GXiUYZatX5CNmNf5HL-_S_gPKSecYg9vZyQWrchCFXvd-8FXTZq45ezrHssWY6XIHA4c7U8i1lNYPpq1YL1HNCsOVuvevKhyqXbtVNAuvKFOsXq_SPWgPB8V8aCyF50pBp-jGuivDCwFtGhcHcd7Nopu_7LJ46kYC24wTAJS5XcWaylWLQ1TJXG7GH4P4nckiiuLopJfyGVQGU1_Yg6FLvj52V40VivpPtiRzEXIANnZwQcPvv99RsvW7qnchjjzSDYScILM8dnv1VxoO6Zms8PA0xYQOYyrDJk2-NaSLmHG-1wr9NZNicYiqcdVU7LfrZRZguuVViMDAWKAxUp45ftkyC-S8ty8hnxaNbr1zLsO7Pw9pAbNDatQXVLsK0KFLxb5ndCWykOkaUqQQijV5m5pkBJA9PmDzkBlyLzBgR_1mQuPB8xO1Kx6WAM9WiihovoU8a35GcVg5bYir9xVc_BTk09qnSfw5Wi2jWwVqgH_X3LYs-mOJBmMbXPYgLC6L0MpdDAVjPT0D_57p6f0esr_Xel-BIjFYqN1a24Z5aCMzY1Foqh7HORh1CIeGbu6-FEjlse0cR2q4wQoD5e-k8HPa_nzRSPYWfUWPECkezXm1d7g7YJgYVfVaDc8eoIq_RqtV-GistCqTyzZJ8IAv2zhWwT86BRSj7hgO5v6sjVVsENI_0G1rCed1sz2MNoLyglyWI4KR7IzzoqHHbd-Ua1ymsx3Sz6QcLtmVhYU-I4MeEOiRWGosE1NvjeCXRpy9_y_36K3KPQO38WP4YOrFfL3EpDGI6UehYDrbH-3Lg4UbAr3qF5k3N5rMVxAQbcJWZxL9Lyh0o_-yoSQcwkH2NRnvM10fqm_ugNUC4MX-aIJ5R-sjCqPFH58IuHMH6O2gS1sC3nsHMYloSbi3P2CpZedPqb8eQpTSPD-mPc3s3_Wa8FP1dQrMn5rk9wq9OHdPn6aV02NWCogXE7_m1jtlIFPE89kh6DyovjPJQEyw3fEyCV36W0PJjj_McT0ukPJ5bWHO0Wt3Bm-YvhZsRDGbHC_Lwqe5d8jDmOgXw720MuRJXKOY5orBdfy4rfO8QV7ys8YhHqz3CpYNSU51gRc-F_57tgJSv_Tq5sVTyKlXVC3PTh2PyM-HugYWk8dJGNMXjMgfJwTitMZiwjhVR6ih93Y1icAKPNzKkbaCCwQROwQcibNCg4vNZEoDBlwINzjahAhQtaKPyk1n39uOKdLlnpdKNBUdRyOgdG51wk1F-2o56I3gekPMfhACSGb2lgI3h3eEXGS2Bzd9aj1kk8RDC-GxWt61L2FqPs4m9Bk1UvPzRXyIpeA3toQWMhYnjwxCeVNnh1j3cg15EpEu8cB1vshVeL86NWfjjt1DmWlm8KTviTRyCv2djIxzuFLs0hxDw0CfJy7npPABlBNVy4NnB62IsyRQiKk42bXXz23zr4FfIfw6EYCyvlLy8FRROmNuaHA2FNWoA_B9ESFVNEsRQAP64q-x3VQvb-bxerTr8gYm1bz_5eUHxpjBFznam788GgquVVZQcWPu5k45yt2t6Lkzs6ooelCOclcXxwdEepCSbBIQ0xty3o2Wyjpzlcy3eqYPZ_381jE4IlQTUrpNNa-01vlXEPvxGYyx9hY1RwbuCl_Bg0QY3YNRoTzYweO9_uQQ2XcJ8CVfLjGdFuygo4X3eZHxatvQbD3G4ihApHSRj6xAE1VYZsTa8_e_YPmqUQtN97XrVGkVs6X3dWc9XZoH5bK1_T5lAZ01jAyBQ8C_epTx3IIBN3-AuWI01CfT-wwR_zYmFODGYXRCTdv3N8p3GiPtCfUarUXAsQkeqXp4cDY0748y5u75HBzgtFBI0aq5zqRICoaSabzyd0cStqwKJ2s-vXb8iwVmEgjWZoDtbfGL3bWg4mAQQqfl6XiBSdL2_HQ-rtsyQGY0EJmUGK8vn92cBON0fCB8oR0YHnWpxTb-j9_JykevX1zdc8Toq0RJztmyPUHXw8g9e16xWt3-BXCR69Zhp2P6_AXlys5XanmpO9bUz_0iWkVCdNOdgH3lBHp-ihabAaWFgIvEHApZBRILphkTuNyhFGlQgnDQLFkQG67sLMyClbJDuhp62J7pl-9NvVEpZ-ZjAL8RWMJWecezgft-AtDNElaCjxjMDbgmQTqKeFmpjg60ISsBWKTXm4IftB6IPzkNq4Bc_kRUiIP35ncn0beCq3mHT3E_k51uUSLWLMnL2jJ8iubDfOHSZzWauv_bA19sCzVsbXzTEFoLaBcMNArooq_ESNoyVzFfKF6KYpwdF6_B3wVNhIKu6o7mRjraDdoAfp-cDT-H_4oQsA-JhVoep_YckRjGws_-hMIPsqzd8gu630_4K6GXW0mz3pkafeIoDBVDDtah29GeBZkyZX5wMp3wZpINUZkRnQhZK2wHxxfLj0vktTUgDlwwfapOvKF1xr9ViG4kVWuPRCavnDiKiPqFQfA8gYgEEr0PL0GHe5p-YPI-DRgfbS9p3n4ibP7AEPLgvDs6s4wSR4h57stEt5A0j9hfL30mWo8nCMG0gvUbQWyogaycPuKBSskaRfK15koqdYtT4pIsJwlK4_AiEVIrkCJjTTokLtA8s5fmOU4ojjP_GG25GEWSiGzw0iaLnTDMb9HhhrlKo8hNttGL0HDxfcVUPjMvtjf5u0Y16a_WWPx9fYpKa6-Fr4LB2S1QHE9MPbp4bVGoeY1uXe_v9SovjMPmaAuy2D66Ydwa2NLDezin8meK5QYumyzsq80HFuneoRQVPBHsY94cnhpNEOQKJUF-lGTv0XdlVJbtO0Z1dQJV7hhLTGtiSe_rPXFhVG5gi5JR4qKrUfJ6G03B0tf5gFHJBBPiMt8ws9YGjs0fN0sHA5XVmhjFOrzXCf_lnUJxZHLJjRLhPv_gSS7bCLgIlLSFu_hSM0D9RdnExupjj5DNZGVan3CS1mK2SIgc4jgG8gQp2o1fnzCwZVTxwj8YHXLBKoK6Cl6IxEWCkk7f5yLSlGhXzTc6Rsmnv6CqiXxA4ZJIDrroyIhVtHYKK4hngQcuffNdT6KBgXFoMTi6QvKimXNM7hzRkQMhZ2iaDKg_kmffPGy7lXUrCoDG12EbFYITEVFWhb7VaaiKPIrLrQ-BX7bqzxOPbnNb6JToCnZNFtLVfejNof_CRet-sMkTysyiig4R37vlA&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.csgowinner.com%2F&ds=l&xdt=1&iif=1&cor=5940007214910640000&adk=1877897942&idt=142&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f00109a101b4c8502484a575255f06e62b7b9b14a9d1fc8bf0e1400fc5ad745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame E90F 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:29:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:29:51 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E90F 34 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Jan 2024 21:29:50 GMT

GET
H2 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E90F 69 KB
27 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 image_background_green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 178 B
207 B 10ms
10ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/image_background_green.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec155e2c559ded82cf1599f17bd9da97b2db0510aa0b3b8778a38fadca21434b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:24:58 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 09 Jan 2024 09:24:58 GMT
x-content-type-options: nosniff
age: 183954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image_people.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 39 KB
39 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/image_people.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea75f64d669196195b13caf2d43afe579e7e66339fa2e59984b32c20cf913ae

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 10 Jan 2025 09:27:20 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 11 Jan 2024 09:27:20 GMT
x-content-type-options: nosniff
age: 11012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39892
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image_logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 7 KB
7 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/image_logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

445babf9dee94d6c6a5f742bbc42c02f31b39be1a9506ae84cbd1105aaad9460

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 10 Jan 2025 09:27:20 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 11 Jan 2024 09:27:20 GMT
x-content-type-options: nosniff
age: 11012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7011
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 copy_main.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 22 KB
22 KB 9ms
9ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/copy_main.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76fedb09e4f65f3aac4c2a53f5089396a3810a76d023c4fca0a4aa32205d3409

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:24:59 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 09 Jan 2024 09:24:59 GMT
x-content-type-options: nosniff
age: 183953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22129
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 copy_sub.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 17 KB
17 KB 10ms
10ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/copy_sub.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3deed8310b8f2abbb2c8c74f01ca79280dd3a3ff63ba1e100de682c79c0d0c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:24:59 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 09 Jan 2024 09:24:59 GMT
x-content-type-options: nosniff
age: 183953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17005
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 copy_cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/ Frame E90F 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/copy_cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73f2d32fc3e95b18ce10761f7a399dc707fe50470c9a5aea766768ff590b33a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3226380807570132306/160x600-S4-Banner-Design%26Creative-Flexible/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 09:24:59 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 09 Jan 2024 09:24:59 GMT
x-content-type-options: nosniff
age: 183953
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Thu, 10 Aug 2023 18:35:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EB58 33 KB
34 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 203377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 04:01:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9CC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
16ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
expires: Thu, 11 Jan 2024 12:30:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
42ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 12:30:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F88A 172 KB
60 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame F88A 11 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Co2v4ZaKgUq1espvG6XyyXRwWKK7KSBRGHGhj8DTTAw4ST6KrUKpk8IlVsernZqg7TFCNuccFI1YUXhBGDRdx2XlIRRpL4D13bFBzcWG1x1uT3Ci1SirNenI2zO-dszokyyjGH-0S4u0oL_cWct9vj8pVMyvbD2vg2XsZPBP9MDtBGeFg&dbm_d=AKAmf-AJbRDLJazWqM9nPg4vKvDVY7sxKFNk9KcYq_eVGmXcsXamhGRvlONG76DXO0J_RyfLhWnzu0CUkmjb-UdlXDEdP3Pe8R0wuzqwJFS05mQXm6vnXWq8uRp2RrW7cxkh2rh-M1RtVGrnhkxZUIoR6V32ce8qiiyFXHrxn1tuZ6dxSzpfC379sklRYlH8hxTBUIsI2CRUFxNwUYPKzdOddzM9MjIkbkNZVEGwHktUE496ZC6extSWXI8qO8Bb77uBhIVjzKeI0ZMljq6uOymi5puu4QRyEnXNyYfsVBvjJklQxiTL-8GzxiAgzecthp5DXYajpEnHkJ8e4bhHzawpKpR6ojsBLEt75XDTfP0OHstikVos7SxJPJeaPHswwe69fWvjse9fXa0OdBUYTLHC5Udy4FcUzP1eha2z7dmZRcezX5hSN8Fj_GhKaPGPtIP44Pk2GyVMGL06JgAfAgU5lugU3EiEc7NqsgJay2XIeJj4QAKo5MovFhiKVLtPcBw0KxYhtEO1-i87ZvGM0t5DeaJp0xskLFgo5cPRoViwSvxAkoYwtN5LsR-j7UyKAiF5nSJMpJTjkxvUOCdv901Tb0YW6Jcf3a793HT5Hp68GXiUYZatX5CNmNf5HL-_S_gPKSecYg9vZyQWrchCFXvd-8FXTZq45ezrHssWY6XIHA4c7U8i1lNYPpq1YL1HNCsOVuvevKhyqXbtVNAuvKFOsXq_SPWgPB8V8aCyF50pBp-jGuivDCwFtGhcHcd7Nopu_7LJ46kYC24wTAJS5XcWaylWLQ1TJXG7GH4P4nckiiuLopJfyGVQGU1_Yg6FLvj52V40VivpPtiRzEXIANnZwQcPvv99RsvW7qnchjjzSDYScILM8dnv1VxoO6Zms8PA0xYQOYyrDJk2-NaSLmHG-1wr9NZNicYiqcdVU7LfrZRZguuVViMDAWKAxUp45ftkyC-S8ty8hnxaNbr1zLsO7Pw9pAbNDatQXVLsK0KFLxb5ndCWykOkaUqQQijV5m5pkBJA9PmDzkBlyLzBgR_1mQuPB8xO1Kx6WAM9WiihovoU8a35GcVg5bYir9xVc_BTk09qnSfw5Wi2jWwVqgH_X3LYs-mOJBmMbXPYgLC6L0MpdDAVjPT0D_57p6f0esr_Xel-BIjFYqN1a24Z5aCMzY1Foqh7HORh1CIeGbu6-FEjlse0cR2q4wQoD5e-k8HPa_nzRSPYWfUWPECkezXm1d7g7YJgYVfVaDc8eoIq_RqtV-GistCqTyzZJ8IAv2zhWwT86BRSj7hgO5v6sjVVsENI_0G1rCed1sz2MNoLyglyWI4KR7IzzoqHHbd-Ua1ymsx3Sz6QcLtmVhYU-I4MeEOiRWGosE1NvjeCXRpy9_y_36K3KPQO38WP4YOrFfL3EpDGI6UehYDrbH-3Lg4UbAr3qF5k3N5rMVxAQbcJWZxL9Lyh0o_-yoSQcwkH2NRnvM10fqm_ugNUC4MX-aIJ5R-sjCqPFH58IuHMH6O2gS1sC3nsHMYloSbi3P2CpZedPqb8eQpTSPD-mPc3s3_Wa8FP1dQrMn5rk9wq9OHdPn6aV02NWCogXE7_m1jtlIFPE89kh6DyovjPJQEyw3fEyCV36W0PJjj_McT0ukPJ5bWHO0Wt3Bm-YvhZsRDGbHC_Lwqe5d8jDmOgXw720MuRJXKOY5orBdfy4rfO8QV7ys8YhHqz3CpYNSU51gRc-F_57tgJSv_Tq5sVTyKlXVC3PTh2PyM-HugYWk8dJGNMXjMgfJwTitMZiwjhVR6ih93Y1icAKPNzKkbaCCwQROwQcibNCg4vNZEoDBlwINzjahAhQtaKPyk1n39uOKdLlnpdKNBUdRyOgdG51wk1F-2o56I3gekPMfhACSGb2lgI3h3eEXGS2Bzd9aj1kk8RDC-GxWt61L2FqPs4m9Bk1UvPzRXyIpeA3toQWMhYnjwxCeVNnh1j3cg15EpEu8cB1vshVeL86NWfjjt1DmWlm8KTviTRyCv2djIxzuFLs0hxDw0CfJy7npPABlBNVy4NnB62IsyRQiKk42bXXz23zr4FfIfw6EYCyvlLy8FRROmNuaHA2FNWoA_B9ESFVNEsRQAP64q-x3VQvb-bxerTr8gYm1bz_5eUHxpjBFznam788GgquVVZQcWPu5k45yt2t6Lkzs6ooelCOclcXxwdEepCSbBIQ0xty3o2Wyjpzlcy3eqYPZ_381jE4IlQTUrpNNa-01vlXEPvxGYyx9hY1RwbuCl_Bg0QY3YNRoTzYweO9_uQQ2XcJ8CVfLjGdFuygo4X3eZHxatvQbD3G4ihApHSRj6xAE1VYZsTa8_e_YPmqUQtN97XrVGkVs6X3dWc9XZoH5bK1_T5lAZ01jAyBQ8C_epTx3IIBN3-AuWI01CfT-wwR_zYmFODGYXRCTdv3N8p3GiPtCfUarUXAsQkeqXp4cDY0748y5u75HBzgtFBI0aq5zqRICoaSabzyd0cStqwKJ2s-vXb8iwVmEgjWZoDtbfGL3bWg4mAQQqfl6XiBSdL2_HQ-rtsyQGY0EJmUGK8vn92cBON0fCB8oR0YHnWpxTb-j9_JykevX1zdc8Toq0RJztmyPUHXw8g9e16xWt3-BXCR69Zhp2P6_AXlys5XanmpO9bUz_0iWkVCdNOdgH3lBHp-ihabAaWFgIvEHApZBRILphkTuNyhFGlQgnDQLFkQG67sLMyClbJDuhp62J7pl-9NvVEpZ-ZjAL8RWMJWecezgft-AtDNElaCjxjMDbgmQTqKeFmpjg60ISsBWKTXm4IftB6IPzkNq4Bc_kRUiIP35ncn0beCq3mHT3E_k51uUSLWLMnL2jJ8iubDfOHSZzWauv_bA19sCzVsbXzTEFoLaBcMNArooq_ESNoyVzFfKF6KYpwdF6_B3wVNhIKu6o7mRjraDdoAfp-cDT-H_4oQsA-JhVoep_YckRjGws_-hMIPsqzd8gu630_4K6GXW0mz3pkafeIoDBVDDtah29GeBZkyZX5wMp3wZpINUZkRnQhZK2wHxxfLj0vktTUgDlwwfapOvKF1xr9ViG4kVWuPRCavnDiKiPqFQfA8gYgEEr0PL0GHe5p-YPI-DRgfbS9p3n4ibP7AEPLgvDs6s4wSR4h57stEt5A0j9hfL30mWo8nCMG0gvUbQWyogaycPuKBSskaRfK15koqdYtT4pIsJwlK4_AiEVIrkCJjTTokLtA8s5fmOU4ojjP_GG25GEWSiGzw0iaLnTDMb9HhhrlKo8hNttGL0HDxfcVUPjMvtjf5u0Y16a_WWPx9fYpKa6-Fr4LB2S1QHE9MPbp4bVGoeY1uXe_v9SovjMPmaAuy2D66Ydwa2NLDezin8meK5QYumyzsq80HFuneoRQVPBHsY94cnhpNEOQKJUF-lGTv0XdlVJbtO0Z1dQJV7hhLTGtiSe_rPXFhVG5gi5JR4qKrUfJ6G03B0tf5gFHJBBPiMt8ws9YGjs0fN0sHA5XVmhjFOrzXCf_lnUJxZHLJjRLhPv_gSS7bCLgIlLSFu_hSM0D9RdnExupjj5DNZGVan3CS1mK2SIgc4jgG8gQp2o1fnzCwZVTxwj8YHXLBKoK6Cl6IxEWCkk7f5yLSlGhXzTc6Rsmnv6CqiXxA4ZJIDrroyIhVtHYKK4hngQcuffNdT6KBgXFoMTi6QvKimXNM7hzRkQMhZ2iaDKg_kmffPGy7lXUrCoDG12EbFYITEVFWhb7VaaiKPIrLrQ-BX7bqzxOPbnNb6JToCnZNFtLVfejNof_CRet-sMkTysyiig4R37vlA&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.csgowinner.com%2F&ds=l&xdt=1&iif=1&cor=5940007214910640000&adk=1877897942&idt=142&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:18:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65551
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:18:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame F88A 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:36:04 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F88A 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168096
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 13:49:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EB58
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNsjhet-fZdjOJcWv9fgPyomcqASGpKOSdZzk88PeEGQQASCZ7-8RYJWKtoLEB6AB_9uKyAPIAQGoAwHIA8sEqgSFAk_QEzNAqX-sBemcMqHC_qIUXUehS7Ym_kO9tZ56AU0KNan_tkq1_Rn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217556072658701059734%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22...

0
0

42ms
42ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217556072658701059734%22,%22debug_reporting%22:true,%22destination%22:%22https://grammarly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956476927%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226394485654784437089%22}&andc=true

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17556072658701059734","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6394485654784437089"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 12:30:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17556072658701059734","debug_reporting":true,"destination":"https://grammarly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956476927"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"6394485654784437089"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F44 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B07 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 166213
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 14:20:39 GMT
expires: Wed, 08 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/6984646504748768363/ Frame 22F4 673 B
600 B 15ms
15ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd3fe7feb3608b58bd773dbf60ad7b1c4f9022dd1c7744206e3eeb225a9dc259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 409
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
expires: Fri, 10 Jan 2025 12:30:52 GMT
last-modified: Wed, 10 Jan 2024 11:56:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F88A 0
0 102ms
52ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSbhl5GL2EdYGDqsO7q3qzFLzeIIy-rfiZPVMe3dG4Zji0eRv_y8HESOT4BK7tHRk9_mMRTvOeSey7ToQHN7xm7dfOy6qV-va5SflzEFyp7tdG84J6yucahIoAplsr_izsrYzy-hpKXXoxTrnP4rqE09veyP2jzhZVUKdu-x_wqk6zWyVL8qukkkZCjykOX_uiK0uEQrcpErsIZuSb7fM4BZww0jVvUkRoPhHN2TRECpcFj-JCL9XnSlpB5UKRAXyifYjiTimY83uEWqyaUR2jrTWeIdhXBiyx8vnQRczScWr1kuwQwKqrM2-Rq5kelKVGYMRJxDcnWuj5uT115Yo0tz9lmqpnqnYASpdM-V7l118QPgaUCtKm1m5D7tsFDhNdcAxLHa4DiU0sOIji4RX9Q8VQP3DSGQ0ECoh2MVgxBTpLthsyjgkHGxlyR4CPszD6Pj0DAR7kMSpx0NdsqBojoa2Q9O9cD_hk-Nx67tdzwDl3ePKCR5UupmKAKc8zTCqobUT95ht62BDR_O7WTmCjbnxxZZcI1dcca_o22Q8dbPTCmT6OfSZQ6yVaOxR6SrIIsCcoKXneDo7gg9UFO7TQSpd5s1dPyHGPUIHtgeTsaNTDnovNJINkdOJ0HfbzIIu9Fq_GdXSpcmIDmfIr1E1nJF6CxYTRry6L1wp4hcLu0QNSzHxKfepIgqN_ncv4WhHCBD-H4aJ2hTe80b_ypWIyfgZ3Ad5hpZg3MybBKhhzRsfZkymITLhdn04UTJXNvKo_XErtomaeXWTuyqyBig5ImjViC8u7QH-b9d9mt6ke7H9bg7b5tsSUGSFXNCgfdb9f2z6PLlrN3EqmNSdwhMTmCLZDfkEE-13REoR8Fd8xIYOyKLrWrRGtsXtTd-tSkHwYqvBa0J5yF970faIhSUBWxCFv3CddCGir7vHiNyTRr_dcZO55Prz2YMLPuKPn0Z95bSwQhUP-v1Cs86HZp3-4Teg3lE14hBMS8tBkNdEkpexGCna6ooNO6lA5CwaoKjrWFOCkNS7OB8c-DIqtNNRci-HqcH0orbHnQ0PijqOTZUZY3VDLZCZPT2tSqVSjXB80lXCW0PnxII3rbXGz2fgcNhOTOtWu_gzw7bAmkm3ZHWa4qFULVgYW2MMlm7hFy-MYwScrUOfuwYLmhenG7VwWqo4lRge_AF65j7tp52IXEXchtjaI8sztBDhUc4AWB8n8R_qn707poek4o5svLSSg5-uC5EaL-xXxWKUE3T3tjUfQAawrIoeLC_gwOGBbHiMZOob_BJYPankmhLVrehitXqur_kLaUVH4YJmiuarGZdnGnh92mDSk-4Oky2p5NAer6V9Fbm34gsmUf23WiI-sr3bjGLqljtT7GUBR9kyBLIQ6cLCg1lRDlbCnvJB5ust-SGo&sai=AMfl-YSb-2Eih0ZFlsUMEQ4PJFs113gtTetH8NYIbTM9CoJgLcPTOuBnFJJhSNUOApj9J9MuQ-uwhqxtYffHT5O39a79MZI8brXA-f6dc4FYTmX8Bxs8SyPARik9acrxGM2Lufc3NVw1UE3YKlAJ1p-YOPPsYnA9PVAtH0UHvXHxWmyZKEWm3qz2fgZOv0DRUbWMMPb6I3p3zejBW8fhMtI5u4AQw8yLq5iuAylX-OCQmVsRGe6EwjbXgNrGdHcxa2OLynooBdPZwoRQj9xwN8UHgXxJdQ_CjbkSa8sFhYpEJg&sig=Cg0ArKJSzJp6ntoMB8cWEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=67&cbvp=1&cstd=61&cisv=r20240108.47741&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame E90F 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 52D9 14 KB
1 KB 20ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1704976251&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976251991&bpp=1&bdt=1776&idt=-M&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe104226049cfe71%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw&gpic=UID%3D00000d3f715d7af0%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw&prev_fmts=1000x280%2C0x0&nras=2&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&psts=AOrYGsn3JqZ8_a_i7ZUt9PQ41sD1BwlJmQhfQv5rFpcwwD3LoDQKf0Ta2RN-Ev5qP5_1VHWHLaArZGSswvI9Iijfv1CiXg&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 12:02:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 52D9 2 KB
822 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 18:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65983
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 18:11:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 52D9 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:20:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 03:20:04 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 52D9 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:12:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:12:16 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 52D9 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 09:07:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 52D9 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGufEwbvX9tgA8g2ZjY_fpKCvYwCeoC5L2KdF6VoXYa9n0fBUxDaEcOfX4hm6z2iVf_qOhxzE0NOMHECK8goNL9BHoHw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1702866763462916&output=html&h=280&adk=258842709&adf=2518345730&pi=t.aa~a.11033437~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1704976251&rafmt=1&to=qs&pwprc=9300450939&format=1200x280&url=https%3A%2F%2Fwww.csgowinner.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704976251991&bpp=1&bdt=1776&idt=-M&shv=r20240109&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dfe104226049cfe71%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw&gpic=UID%3D00000d3f715d7af0%3AT%3D1704976250%3ART%3D1704976250%3AS%3DALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw&prev_fmts=1000x280%2C0x0&nras=2&correlator=3895014691616&frm=20&pv=1&ga_vid=87196440.1704976251&ga_sid=1704976251&ga_hid=864668929&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1511&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079438%2C31080261%2C44809003%2C31080217%2C44807406%2C95320869%2C95320893&oid=2&psts=AOrYGsn3JqZ8_a_i7ZUt9PQ41sD1BwlJmQhfQv5rFpcwwD3LoDQKf0Ta2RN-Ev5qP5_1VHWHLaArZGSswvI9Iijfv1CiXg&pvsid=3579955393326667&tmod=1694812098&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52D9 205 KB
65 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame 52D9 37 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 22:18:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:48:22 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC89 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 20:39:54 GMT
etag: 48472445140208031
expires: Thu, 11 Jan 2024 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 22F4 120 KB
41 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 12:23:29 GMT

GET
H3 200 template-23296366.js Show response
s0.2mdn.net/sadbundle/6984646504748768363/ Frame 22F4 41 KB
14 KB 14ms
13ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6984646504748768363/template-23296366.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94337e3c3f642558f3e7495d6257de52e6d8c0b9e9a54f1cbfc2d05328586ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 11:57:28 GMT
date: Wed, 10 Jan 2024 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14186
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 11:56:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index-1f05739e.css
s0.2mdn.net/sadbundle/6984646504748768363/ Frame 22F4 4 KB
1 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6984646504748768363/index-1f05739e.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f05739ea86ec8921211c1fcc72adb4d35c8d5ec5855c726c0aa771967b5c9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 11:57:28 GMT
date: Wed, 10 Jan 2024 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1456
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 11:56:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14533031200255331927/ Frame 52D9 30 KB
30 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14533031200255331927/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1efd2cfe9ab12946d48a63b0197d25bd798b6f78df5f858df623c8f03bf7700c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 08 Jan 2025 07:15:41 GMT
date: Tue, 09 Jan 2024 07:15:41 GMT
x-content-type-options: nosniff
age: 191711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31004
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 19:57:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 52D9 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 52D9 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 12:30:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4702 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 17:38:05 GMT
x-content-type-options: nosniff
age: 240767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4702 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:47:28 GMT
x-content-type-options: nosniff
age: 186204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:47:28 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B07 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 12:21:42 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 4702
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChIPeet-fZaeTJKmT9fgP0s-D2AnL6OrNbayDp7SuEsXbibyFKhABIJnv7xFglYq2gsQHoAHz08vTA8gBCakCy-cgq6ttsj6oAwHIA8sEqgSCAk_Q1Gst7Xi4ONoVmjV3Q53ibD0E44ku75A...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228853990773378149669%22,%22debug_reporting%22:true,%22destination%22:%22https://warthunder.com%22,%22event_report_window%22...

0
0

44ms
44ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228853990773378149669%22,%22debug_reporting%22:true,%22destination%22:%22https://warthunder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980609523%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212341781001955422945%22}&andc=true

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8853990773378149669","debug_reporting":true,"destination":"https://warthunder.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980609523"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"12341781001955422945"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 12:30:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8853990773378149669","debug_reporting":true,"destination":"https://warthunder.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980609523"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"12341781001955422945"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 52D9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5003d70e179ceda598972f50d9260b23f98c42a67091545d256593c4e15705a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC89
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QllFZmhVenkxUm5VY1k1&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cver=1&google_push=AXcoOmRHrgpdHxmpFjEkijYQPR1c27TpRXTjiILYsY0MUXK...

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QllFZmhVenkxUm5VY1k1&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cver=1&google_push=AXcoOmRHrgpdHxmpFjEkijYQPR1c27TpRXTjiILYsY0MUXKsPjeMgA4XQfs-k8vmKNH7VzaAZLfqIPBwkqeWw2t8V33veSQBdFhdE4s

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 12:30:52 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QllFZmhVenkxUm5VY1k1&google_gid=CAESEOuj_eKou2l9CgOeHsY2a8A&google_cver=1&google_push=AXcoOmRHrgpdHxmpFjEkijYQPR1c27TpRXTjiILYsY0MUXKsPjeMgA4XQfs-k8vmKNH7VzaAZLfqIPBwkqeWw2t8V33veSQBdFhdE4s
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC89
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBX4d0guxa5uL5vjNjFtKmc&google_cver=1&google_push=AXcoOmTuHQg4qZvogmnseZlt0TZdqP-1ViHRkLo1yLPIPedzhHnhGg7tYzfVH0xIeGEFBSu-WmeJXm3F9QJKaw5I7jh4iUhWXA5Lp1c
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9534B0BCF99C4A468E610B0F224F66F4&google_push=AXcoOmTuHQg4qZvogmnseZlt0TZdqP-1ViHRkLo1yLPIPedzhHnhGg7tYzfVH0xIeGEFBSu-WmeJXm3F9QJKaw5...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9534B0BCF99C4A468E610B0F224F66F4&google_push=AXcoOmTuHQg4qZvogmnseZlt0TZdqP-1ViHRkLo1yLPIPedzhHnhGg7tYzfVH0xIeGEFBSu-WmeJXm3F9QJKaw5I7jh4iUhWXA5Lp1c

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 11 Jan 2024 12:30:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9534B0BCF99C4A468E610B0F224F66F4&google_push=AXcoOmTuHQg4qZvogmnseZlt0TZdqP-1ViHRkLo1yLPIPedzhHnhGg7tYzfVH0xIeGEFBSu-WmeJXm3F9QJKaw5I7jh4iUhWXA5Lp1c
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 10 Jan 2024 12:30:52 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC89
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0aGV...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NTk2NzE2NjQwNzEzNzYzNg&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0a...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NTk2NzE2NjQwNzEzNzYzNg&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0aGVpuUKb2mCdOjLaOn-_-U5T0U

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTI4NTk2NzE2NjQwNzEzNzYzNg&google_push=AXcoOmT4NcUr92kE8ncv8Bj5WLDNXyakkCd5hCXn2wupo6xU9sZZPIjRpYO2wTMYi8qIouHTp22G0aGVpuUKb2mCdOjLaOn-_-U5T0U
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC89
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEM4vU5BYJK_EuJ-tFnRTlbc&google_cver=1&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlY...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEM4vU5BYJK_EuJ-tFnRTlbc&google_cver=1&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlYYXvj7_Xg

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlYYXvj7_Xg

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSWTVbm7gQ9JF0L5QMKYyA6bZkTI8MTDjkatktBfKYp33Krtw41Ay06rc13kgV6WtU-fN30ZlJhTv5IUt4WqT2yZlYYXvj7_Xg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame EC89 43 B
363 B 45ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR7S22Ftkf7p_uD8VGq_zsJW1XsylHrw0DHIkDN42Lc-KAyqItZRjGlYc2lTGZxVryS7P-jtRqNdZJF6468aDxl_SSm520rOSU&google_gid=CAESEHcPo7aeoQ0JHbvkwFB2Yls&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 291837
expires: Thu, 11 Jan 2024 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC89
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZzE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENiN9Gh6Ij423ZQlx_L1W2M&google_cver=1&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IB...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ4MDQyMDA3MjU1NzExOTIzNg&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZ...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ4MDQyMDA3MjU1NzExOTIzNg&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZzEKD1Dj-_8l2_5UDl0-7b8_eU

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ4MDQyMDA3MjU1NzExOTIzNg&google_push=AXcoOmRRAhceqV_bXG16jPluAIXozID0eskC0sT6E2-i8--tKjIhuPfehRk5hpkf5rK5KsA89IBlKZzEKD1Dj-_8l2_5UDl0-7b8_eU
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame EC89
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEIWu0IxRMHWH...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRz6tM142yF987C24W4ritbDjH3LXBFm7_kGnHF5E06LvgDZz7pjg2wJ5PVgY-L-ESY0hXXrp7Cl4-2YYcNhll9H-b9UN2bRwQu
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

34ms
34ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 12:30:52 GMT
pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC89 0
12 B 16ms
15ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ia3pOBNaMj-UfwBCnJX-LYzPRs5BbM-aZNkRy_Ozz3Xffzbi3EnKd0SftWqWxAOvukJbY6Kg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4446 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F88A 0
0 45ms
44ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuSbhl5GL2EdYGDqsO7q3qzFLzeIIy-rfiZPVMe3dG4Zji0eRv_y8HESOT4BK7tHRk9_mMRTvOeSey7ToQHN7xm7dfOy6qV-va5SflzEFyp7tdG84J6yucahIoAplsr_izsrYzy-hpKXXoxTrnP4rqE09veyP2jzhZVUKdu-x_wqk6zWyVL8qukkkZCjykOX_uiK0uEQrcpErsIZuSb7fM4BZww0jVvUkRoPhHN2TRECpcFj-JCL9XnSlpB5UKRAXyifYjiTimY83uEWqyaUR2jrTWeIdhXBiyx8vnQRczScWr1kuwQwKqrM2-Rq5kelKVGYMRJxDcnWuj5uT115Yo0tz9lmqpnqnYASpdM-V7l118QPgaUCtKm1m5D7tsFDhNdcAxLHa4DiU0sOIji4RX9Q8VQP3DSGQ0ECoh2MVgxBTpLthsyjgkHGxlyR4CPszD6Pj0DAR7kMSpx0NdsqBojoa2Q9O9cD_hk-Nx67tdzwDl3ePKCR5UupmKAKc8zTCqobUT95ht62BDR_O7WTmCjbnxxZZcI1dcca_o22Q8dbPTCmT6OfSZQ6yVaOxR6SrIIsCcoKXneDo7gg9UFO7TQSpd5s1dPyHGPUIHtgeTsaNTDnovNJINkdOJ0HfbzIIu9Fq_GdXSpcmIDmfIr1E1nJF6CxYTRry6L1wp4hcLu0QNSzHxKfepIgqN_ncv4WhHCBD-H4aJ2hTe80b_ypWIyfgZ3Ad5hpZg3MybBKhhzRsfZkymITLhdn04UTJXNvKo_XErtomaeXWTuyqyBig5ImjViC8u7QH-b9d9mt6ke7H9bg7b5tsSUGSFXNCgfdb9f2z6PLlrN3EqmNSdwhMTmCLZDfkEE-13REoR8Fd8xIYOyKLrWrRGtsXtTd-tSkHwYqvBa0J5yF970faIhSUBWxCFv3CddCGir7vHiNyTRr_dcZO55Prz2YMLPuKPn0Z95bSwQhUP-v1Cs86HZp3-4Teg3lE14hBMS8tBkNdEkpexGCna6ooNO6lA5CwaoKjrWFOCkNS7OB8c-DIqtNNRci-HqcH0orbHnQ0PijqOTZUZY3VDLZCZPT2tSqVSjXB80lXCW0PnxII3rbXGz2fgcNhOTOtWu_gzw7bAmkm3ZHWa4qFULVgYW2MMlm7hFy-MYwScrUOfuwYLmhenG7VwWqo4lRge_AF65j7tp52IXEXchtjaI8sztBDhUc4AWB8n8R_qn707poek4o5svLSSg5-uC5EaL-xXxWKUE3T3tjUfQAawrIoeLC_gwOGBbHiMZOob_BJYPankmhLVrehitXqur_kLaUVH4YJmiuarGZdnGnh92mDSk-4Oky2p5NAer6V9Fbm34gsmUf23WiI-sr3bjGLqljtT7GUBR9kyBLIQ6cLCg1lRDlbCnvJB5ust-SGo&sai=AMfl-YSb-2Eih0ZFlsUMEQ4PJFs113gtTetH8NYIbTM9CoJgLcPTOuBnFJJhSNUOApj9J9MuQ-uwhqxtYffHT5O39a79MZI8brXA-f6dc4FYTmX8Bxs8SyPARik9acrxGM2Lufc3NVw1UE3YKlAJ1p-YOPPsYnA9PVAtH0UHvXHxWmyZKEWm3qz2fgZOv0DRUbWMMPb6I3p3zejBW8fhMtI5u4AQw8yLq5iuAylX-OCQmVsRGe6EwjbXgNrGdHcxa2OLynooBdPZwoRQj9xwN8UHgXxJdQ_CjbkSa8sFhYpEJg&sig=Cg0ArKJSzJp6ntoMB8cWEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=241&vt=11&dtpt=174&dett=3&cstd=61&cisv=r20240108.47741&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.csgowinner.com
URL: https://www.csgowinner.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F88A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86ab859576992b7e37963b94a6e80209bf9f6efb783afb8329e0dbdc6a32be4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 52D9 33 KB
33 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 203377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 52D9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C0a_rfN-fZah414z1-A-Y0IpYy-jqzW3Ug6e0rhLF24m8hSoQASCZ7-8RYJWKtoLEB6AB89PL0wPIAQmpAsvnIKurbbI-qAMByAPLBKoEiwJP0M9RHEAvQRMHHztMAfdkXnXbCX0SYPnj52h...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214717448298529642889%22,%22debug_reporting%22:true,%22destination%22:%22https://warthunder.com%22,%22event_report_window%2...

0
0

43ms
43ms

Fetch
text/css

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214717448298529642889%22,%22debug_reporting%22:true,%22destination%22:%22https://warthunder.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980609523%22],%2222%22:[%22true%22],%224%22:[%2201-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229524867499648371905%22}&andc=true

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14717448298529642889","debug_reporting":true,"destination":"https://warthunder.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980609523"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"9524867499648371905"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Jan 2024 12:30:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14717448298529642889","debug_reporting":true,"destination":"https://warthunder.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980609523"],"22":["true"],"4":["01-11"],"6":["true"]},"priority":"500","source_event_id":"9524867499648371905"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 85ms
66ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bdf46bf54a927eeb6fec9226f4e14ec2366d3fb2c8096d68230978b9641ffbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12283
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 22F4 8 KB
6 KB 72ms
58ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c22fcdb6cf5ad3a8344e47713ede91e1c4b6e59337e400160211d2266b1d2ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5914
x-xss-protection: 0

GET
H3 200 kacheln.svg
s0.2mdn.net/4528404/1693566003742/ Frame 22F4 1 KB
508 B 15ms
15ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1693566003742/kacheln.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 11:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 09:00:00 GMT

GET
H3 200 agata.png
s0.2mdn.net/4528404/ Frame 22F4 2 MB
2 MB 18ms
18ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/agata.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:00:00 GMT
x-content-type-options: nosniff
age: 12652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2436365
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 10:30:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 09:00:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 22F4 5 KB
2 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 22:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 22:32:55 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 22F4 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 03:29:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 03:29:58 GMT

GET
H3 200 stoerer-links-oben-pink.svg
s0.2mdn.net/4528404/1698156002479/ Frame 22F4 566 B
403 B 16ms
16ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1698156002479/stoerer-links-oben-pink.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d8e57ac9942eeefb1d01232cc721f5a059607dfb5272c0bd259397beb1550c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 377
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 14:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 09:15:11 GMT

GET
H3 200 congstar-Stoerer_Bestes_Netz_horizontal-01.svg
s0.2mdn.net/4528404/1693580403764/ Frame 22F4 5 KB
2 KB 17ms
17ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1693580403764/congstar-Stoerer_Bestes_Netz_horizontal-01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db2a0a3f32617aa69bf04a9c1ac37a7e2c6e9801af79bb11f25c1f4f5ec45bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2160
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 15:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 09:00:00 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/6984646504748768363/ Frame 22F4 5 KB
2 KB 19ms
19ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6984646504748768363/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 09 Jan 2025 11:57:28 GMT
date: Wed, 10 Jan 2024 11:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88404
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 11:56:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 12:30:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame BDCF 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 186362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Jan 2025 08:44:50 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 44ms
43ms Preflight
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Jan 2024 12:30:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 22F4 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 12:30:52 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 22F4 14 KB
14 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6984646504748768363/index-1f05739e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index-1f05739e.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:23:59 GMT
x-content-type-options: nosniff
age: 413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 12:38:59 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 22F4 28 KB
28 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6984646504748768363/index-1f05739e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index-1f05739e.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:23:20 GMT
x-content-type-options: nosniff
age: 452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 12:38:20 GMT

GET
H3 200 kacheln.svg
s0.2mdn.net/4528404/1693566003742/ Frame 22F4 1 KB
508 B 13ms
12ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1693566003742/kacheln.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 11:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 09:00:00 GMT

GET
H3 200 agata.png
s0.2mdn.net/4528404/ Frame 22F4 2 MB
2 MB 13ms
13ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/agata.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6984646504748768363/index.html?e=69&leftOffset=0&topOffset=0&c=jCOXHjg1oY&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 09:00:00 GMT
x-content-type-options: nosniff
age: 12652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2436365
x-xss-protection: 0
last-modified: Fri, 01 Sep 2023 10:30:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 Jan 2024 09:00:00 GMT

GET
H2 200 dc_oe=ChMI_L_6vqvVgwMVHqX9Bx1-dgpOEAAYACCe44NdQhMI1_OSvqvVgwMVxVcdCR3KBAdF;dc_eps=AHas8cCRiLiveWrPPMUO4xGWTYzgv7w24BL7PKaKYgZdxcQqpnO2bQQ6ZsSeUCaWJvQcoRPH9pJs8zs;stragg=1;&timestamp=1704976252846;s...
ade.googlesyndication.com/ddm/activity/ Frame F88A 42 B
401 B 87ms
45ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_L_6vqvVgwMVHqX9Bx1-dgpOEAAYACCe44NdQhMI1_OSvqvVgwMVxVcdCR3KBAdF;dc_eps=AHas8cCRiLiveWrPPMUO4xGWTYzgv7w24BL7PKaKYgZdxcQqpnO2bQQ6ZsSeUCaWJvQcoRPH9pJs8zs;stragg=1;&timestamp=1704976252846;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6798 39 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 12:21:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DA53 13 KB
5 KB 10ms
9ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 07:51:50 GMT
expires: Fri, 10 Jan 2025 07:51:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB14 829 B
561 B 21ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb1cf4657942417b75351bdf75fc75d2820988c97060a629a5bc59fb5dcee537

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oG3Lc9ITOHxqPhnjDtX5_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.csgowinner.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oG3Lc9ITOHxqPhnjDtX5_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 12:30:52 GMT
expires: Thu, 11 Jan 2024 12:30:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B07 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDm7JfN-fZfyRE57K9u8P_uyp8AQAAAAAOAHgBAI&bg=!d3SldDvNAAaumcC-jpk7ADQBe5WfOEL320fvCMZwM5muOBUtAVSWmYVnCBCNczDllmmifPplsNuWHEXn0AUHgsjvnReHAgAAAL9SAAAAAWgBBwoABiu9ndEo_ZkDGCD3QuWcKckt99JTX4FwfMMWbpAWnrkKDTdkoUc11dOPw2IC_Kdn1Yrmn9jSc1L0ywahnPTNjeAgw0jQWVMWLJ0fpFjW65u9nRfl0gO765twNVtDJM67SCUe240pCw_jZFbgZetpa-sFS4Vg7DWpNxkhmmOnqfS6Ctt3vH2LylBvHL9xa8zC0YJVDzeM3KB-lB08X6QbS9kbM8rTYHfZzsh2mHvMaSZbB71Zo52eF01quegYnNelFm0zpr_u9sVaEVuh1sib7MMD6HFYLywjA6C8QmnAWWwpY3ZB_t8eDrs56b4fTAeYbtO4Qh4P-4dh1Bz0puWxYzjctE3HC6BcywbUyqSXdf_uQPl56zAXhiOl4tdr6KgxVGMe0YAw29ZsFNQhlKK0For-oT5VADubcJmHV3SHsc7yg11TXIbUSFsQbG1rM9RlROQ6iaGwkucn3c92GAzFkGU8-vLVDJ-mydeAvVhjDvVbay69UwP7P4xf3dCiCrm90cVRj1k1RWF4xFfXWNJuuYAffuZ5p6EisX_U3twqIEEffVzN9_WcrYTWQv8uFi8mWjN1ccYYK0afDU430fkII5HsLsh28mBJAeEn3AArLi0ZfvEwAQOIBMrsyqA1GV7o7VOL7CFMzr0sZihXotl1CXL5QY_ETrl5HJUgKkbzWxcde4f1FPppQpZOMcDbWRNF3tZfAnIUXDcN6SYKJ-jQX_Zn6g8f4-0NSGRM5GddFCQbPqX9ttBwHrTbFSe985xwyjPvF_ZVo64IB6DH5Q1HEZxWdBoH-9UNNk3UxU5-SLw6YmQYnWiIn_ottgjvS3rMRK58mzX1Xa8nyG-bjZdr-REFWlYhnu1haWhAqzxJJmWeQaSGIreEiRRV8zdWx-q-qDCRGWvduR6gyKMuyHBkkl8sNI_mSOp-BNJBSJvMZhX6PSd14ecuVhqyiv3yXS7cI4w5I_G-EukPT7uNsMjHVSygMR9jwPh_ntOy_Au37rtbYLBek_NMGccq4FKp1qgBEmyFmUBDEwHZmopzQEz3ZXqodEUD3WBW6VAYedzYJM8O3Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB14 0
0 41ms
41ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=3579955393326667&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame DA53 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:21:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 12:21:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DA53 0
12 B 9ms
9ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?20Gfhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:30:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 77C2 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstn7XlvvrZ203LbFFuJdpncs4fdXk05I_4zyfUuGCef1we9wYePK2RFmjDj8HBvYe4lN5DK-b9JnGT2_RU6wmvydQEgl8o7I2AZwB3BPqj3f2OPO8GqLD-78MJXQOJQSbIdLTd-8n4HZ3cMRAK-cBNzb17oRk4qnkx3uXAfYX83Gg-q0m-jzc4N&sai=AMfl-YSzlhR9TKXv54G2Z7roKbiB-abnQEPM97x_Evk0NOIE6MVX9iCWxS_iChjdFACWELSXKRYLz8cc3bJ38r4QKJiNvWnrWS9yUmh1uiCYZf9T8IdHayXKc_uz3NTwEpufQN0hS9W-hk5TCmMY1qIEKQ&sig=Cg0ArKJSzDHrbhdQ-u5nEAE&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704976252085&rpt=127&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=3579955393326667&bg=!paalpunNAAaumcC-jpk7ADQBe5WfOIz9_GaGSSHqsxz8PBjVfM9zFJPGhD1_KZrtVyrA-CCaZDo99dPYUv_KkuTZ9FLEAgAAADhSAAAAAmgBB5kCvRiYf9jdx4gcbfkknatT5sS3ZiNamF5SXL0S13EBV4lSX_0h2JffjHRbqjFHjNkRe7A8IV4Q2OeIKL8a_ilXiznCW5_-tPUj8W56t3xEDTl-8SnHyIl_VoPmSSsTJuLh-wGrQdKdBaDHQGQDnriSvswZqfoLbLLSxXTO1NJkgExGtguRjsgtlAx7yuTTxIsIy91o-uhCngoIOfC-aKIHhN6boY-wY7HDk1TYqIh8Pq3wXqf8dAHPtwx-mB15pjTI9UCHP0w_Y6AuIiH3uzn-WJBQF3X5XU_RpTwF6tdQ1XDektxeASEz1XLYdSOAaJqkltK3nq4bUB-ZT6OjJjlsjXHQngD85_QsPwya9i2xxDqT0GxO2ZGcXYt0XG4M8EWKQIByU1OZPCotfor_oGsZy0ijOXe4UYozp-GcBwARC-NdG6aC78Iy-_WdiBYgxjOD7yh2vSkjewcuKR55JNEM3AUtcbIlNTzKU-H0yai-BoTIel8jMeiS7zIAxzUIgK5dCcRgNZddG2AdoeNMuhSDpz_i5QkpB_ViQohnb0yOvOGHmdu_0SgbhA3tg2a_Eyt5zThCRk2D0TjoT3slnvqKRUtlu1T53ltiX2UK5RRKo-42DtuDq0ETM2csgZhnplwmfFbTu_xGMAgGS7kSgrV3HVL7ZC6bh4OckCfbTiSFhTgkhBNU5k4xLhYFv3-EICwy1Xp6kHACAkSbig0RAeJ8TcJr0n0hZPUHrr7D_OiOflnbPs4TgI_V7y080uvSdieTNnej2TMGWajtlvMkQY94m842389fyxHZ80uzjhPw1oCTBxQmdg_N0PZYIm4oFqiuqkZU8CbE2pS-FC1_m8a1XKFlY5hy-zHlz_rC5wYSAe_YTzezz_RKlShmG5ryxvQXtyo-x3NO6APAWIYVb2SF8x8UzIqnhL1_nuGMgiQF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.csgowinner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EB58 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4u6_pjx6NkiBqhjhQhHcmgajE-IhfptAT0Qq7vKfBS3y1Xddn9fBK0m14F70exaRUNEXPSBRvRvtMxq4FZn59giQVhvUKZee-qr1EsGgPimB9Mj3GL8AGv_ad9m52e9Ef0XlV53d4RtgM5FlZIYXKSBQd&sai=AMfl-YQdFjw8GEVGMQh6hbkHr3zfqXpa_rlaZs0wD-cjfRD_JOrhfEnvfrfxMR4SAIZ1-7j3zSo25qqtww6asLP1_WcEXcYZksNKvpMvT-JXXtEaReDXhekDsp3JpmyJDwkW2abs25e4GcQToNESpizilg&sig=Cg0ArKJSzC8wJlzcfBG1EAE&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=103,765,1000,1112,1112&tos=103,662,235,112,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704976252058&rpt=377&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4702 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstooWPst9ekCheZZTLQxUsWw89IIlQ4xSvN4ITT_TciqSJcpKG8C1b3ZaLSjio44QJ-V_UL_284pkdDC0y-Td9xgbwWU7BcbwOfCwXj1lJd6vWQqLMxtRO_HakRNcxMmMUGWIV6sjxILWx3K-6phvLOGMdq&sai=AMfl-YRNpArSTij2M5-BqND21tAKy7H9pp2fpjft-tFEKb2rSoLag8OJ-TcW7SU5qeRV_xfU1dUf6p-u3KLUJe33Hf6TAjs3ZLTwocEVxvJhrNvkWgqG0qkLbpvIALtrDstaDSokuXMG7qwaGa7o091s-A&sig=Cg0ArKJSzOsH13UnkMJxEAE&cid=CAQSTwAvHhf_FeZ4eT9wj3YK1wUlJsrfN_zSGGIyFjWIeMgmdqhIgRPn9Y7YKaANlYguxdC63Yssh76gwPe9QZY6F3A09gcPvpJ-UUJK0ejAk5AYAQ&id=lidar2&mcvt=1000&p=0,0,280,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2356769020&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704976250569&rpt=2044&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F88A 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6052247870897&version=m202309260101&ct=76&x=1&cor=5940007214910640000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F88A 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutGSwAEzNtUUm5pkAUNnjOXPbw4dn8X_X0Hpabm3tDbjIcUTsps4rBuAc9hxFtsB41sZkwzkYeQU7LAbeSGpZ9azEy0tv5SPn6ssvsFawR4HA-z0WR4OAifQtCfYCvHON-L0jmpX-Z4oDcbMLDBw9F6wJK&sai=AMfl-YQvsha7obilQevByj2PqxsLE-hoIGhwnQ-OgWBcsoFE5wlq6LbJohiyYpNU8jtpjyqyi9jfXcme8L7KPHhJoCthIcDH1Xrf0-ir3vZDhRM-4QEmfaZ2xZxgLd6xh6mfJ8bPxJFXplF3N_UznIinew&sig=Cg0ArKJSzBw8s3DcpT2yEAE&cid=CAQSTwAvHhf_vaHcz1NmyTsv2YZzLgcZzALxOEgSBgVMoUQp0iwHcKL39MYDoSzBJcJzFs5RSbMad6lQbTHwngPaNwLVwNda02zWh7dprZfSpLsYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704976252098&rpt=375&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 12:30:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.csgowinner.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3rfo1aqj7jtaknv1klbo4or53t
.csgowinner.com/	1970-01-21 03:12:16	Name: _ga Value: GA1.2.87196440.1704976251
.csgowinner.com/	1970-01-20 17:37:42	Name: _gid Value: GA1.2.913227435.1704976251
.csgowinner.com/	1970-01-20 17:36:16	Name: _gat Value: 1
.csgowinner.com/	1970-01-21 03:12:16	Name: _ga_8XXKX2F00B Value: GS1.2.1704976250.1.0.1704976250.0.0.0
.csgowinner.com/	1970-01-21 02:57:52	Name: __gads Value: ID=fe104226049cfe71:T=1704976250:RT=1704976250:S=ALNI_MZrGnYr6EWZqiO4Q1PtfY-sS12yHw
.csgowinner.com/	1970-01-21 02:57:52	Name: __gpi Value: UID=00000d3f715d7af0:T=1704976250:RT=1704976250:S=ALNI_Mbed9QxZLpoY48oIrz3XlkK43V5Zw
.casalemedia.com/	1970-01-21 02:21:52	Name: CMID Value: ZZ-ffE-rEtHhh8QymUIJ8QAA
.casalemedia.com/	1970-01-20 19:45:52	Name: CMPS Value: 5278
.casalemedia.com/	1970-01-20 19:45:52	Name: CMPRO Value: 5278
.doubleclick.net/	1970-01-20 21:55:28	Name: APC Value: AfxxVi6IVHvTAZtURzDlzl08k49wfcrRab5rc_FVNpSEwBarm6iLVQ
.adnxs.com/	1970-01-20 19:45:52	Name: uuid2 Value: 5337363474187544694
.adnxs.com/	1970-01-20 19:45:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In4s'^BW!]tbPl1M>e)ZlrFUfJ+tGXxoHLA5pZD(>(9NY+RMEA/q8Rmuvg_.zz`x7ANL3If)y3KL9D3I?-b*HyP!
.doubleclick.net/	1970-01-20 17:36:19	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-21 03:12:16	Name: XANDR_PANID Value: bB89c_4n1cwlAQWh0gwQEYH1lCKqi1jKTgJL5v3gzPVGWjf6aY_d0w5xv8-RNoUFvLuhHOW2xcYD4RrN3sjxxaTJSF1lFLRvi6YgSM5W0ao.
.doubleclick.net/	1970-01-21 02:57:52	Name: IDE Value: AHWqTUkLDj8zSr7N-AJvoTLx7M2Wj6z-6BYBA37LpeqW0wValriMJ9V7xA0guF-s14o
.googleadservices.com/	1970-01-20 19:45:52	Name: ar_debug Value: 1
.w55c.net/	1970-01-21 03:07:57	Name: wfivefivec Value: BYEfhUzy1RnUcY5
.w55c.net/	1970-01-20 18:19:28	Name: matchgoogle Value: 5
.de17a.com/	1970-01-21 02:14:40	Name: guid Value: 1.3690941426931399775
.adform.net/	1970-01-20 18:20:54	Name: C Value: 1
.adform.net/	1970-01-20 19:02:40	Name: uid Value: 5480420072557119236
.simpli.fi/	1970-01-21 02:23:18	Name: suid Value: 9534B0BCF99C4A468E610B0F224F66F4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://steamcommunity-a.akamaihd.net/economy/image//96fx96f Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
c1.adform.net
cm.g.doubleclick.net
csgowinner.com
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pm.w55c.net
region1.google-analytics.com
s0.2mdn.net
steamcommunity-a.akamaihd.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.csgowinner.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.250.181.226
142.250.186.162
142.250.186.34
142.250.186.98
178.250.1.9
18.197.162.124
185.89.211.116
2.16.97.41
2001:4860:4802:32::36
213.155.156.167
2a00:1450:4001:808::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
34.150.170.96
37.157.5.84
81.169.142.103
95.101.54.195
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
02eb4635a154110cef52f4b19949630a4caa6065dfae9b4eb4c2ed5f6ad017f7
03dc6d2ed3949907c7c3a4e9bec2450fe8f54fcd4e809e5b9f52ad10e63f4899
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cab69b0150e4b5fd510f5aa6f9523e2f9c9e861c80d8049e43ee4c866eea99e
0f38d474df76c934e63f0795a86afc2c0f43fa7f68f71f0a8dbecde5cc407fde
13ddc15256ba748a2b35949560db377c751900325c8298660c526df07b471b86
1590f871a620b6f171f4a03b2f9b06cf25c21101d71b8a3905eb0f02f7bf86bd
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199d9e9059d6b7b70055caaca073e2baae78d8d60e65e7e8122eb90092eec713
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1d2ebef5cb88188e11bc1278256887405a23560e31c797fe3054f1beeb4a3ce8
1efd2cfe9ab12946d48a63b0197d25bd798b6f78df5f858df623c8f03bf7700c
1f00109a101b4c8502484a575255f06e62b7b9b14a9d1fc8bf0e1400fc5ad745
1f05739ea86ec8921211c1fcc72adb4d35c8d5ec5855c726c0aa771967b5c9ef
1f765c8e2fccb3263555175fc73f5fc13f8157d5ac04190f942bff8baf143f16
20d23c9cce0d600760903a969ae1dca144537dc1aec81a644cb50abdb90275f6
217c17b6cd94d35015ac89cf1c29ad469ad2cf17f1789387a9b1418da928ab00
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
26d5c30ccae7716608f10699d2c44f12fb51745b45a3162395a5a8a70cf498be
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2fee88926b9424bc1ace21c774a24827353f305b94905ba1c9ec632ccd3fcf3f
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36a084f537375d0519cc402e60b8ef780656a5acf18d7916fe2a6d2e9b6fa153
36ea03ae73d9ba9883ed8420c796d7661df4846a17aadae944941716dc97c07b
386fb406fd0b9bb1afa136a669dce629ae71a95429536e55cf715d756d414722
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a1ad5ad2b168fb2aa8a1b871e1b7cfc08905ff7a7d92bbeb5399642858421e8
3bc06175d6292c9a5e24f6ead52b88e82b14c80c785a218222b66d02e98f6aea
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c00d9db036fc9d3413c9a568f74f74c9ee90164faee944260f3fb7446dc27a
44254363fc2f102b3bf465aebcc45c1f02e2be3ac27791865be1060c00bd59b3
445babf9dee94d6c6a5f742bbc42c02f31b39be1a9506ae84cbd1105aaad9460
44df7cfc5c2ac696735be3dc6868464527d7532ba27c1b457bb5c8475dcc3917
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
44f4aee0d1453ce449f0face3ffe70707fbb83bce3c653d4faa339339b7c621a
44f6db744eeb76ff8647b8791179a3f7d92e9a8a4a0e339d907b0c4b2869224c
46fca5bc03de756ba3e8dd391fbc426e997ad3e4ec25b5d4d558097fb36fd6c8
4739c37317987b888b06374bdf8ff0171d30618629a434f6f825a5669c343c1d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bfa891ddc3786bc6ad204bb6e25cfa3f70d4e2a2bd9a47d5d1354d1d13ea492
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5003d70e179ceda598972f50d9260b23f98c42a67091545d256593c4e15705a6
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ab68e592ac2d966e7007a776edf0ad97d7b3bc8b60ab1347441ab0513720cf7
5bdf46bf54a927eeb6fec9226f4e14ec2366d3fb2c8096d68230978b9641ffbb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d19ee104570129d5d62a2abe03a575e24fb2065f47e397e1cac255ce9a705e4
5d79022f45ec1f26e7482de77a0b71e28b1be1085b4162284af65ee787f7d53c
5da155d3ca2f5e066f6e0a45f3f9d08bbfbabe037e522642436fa2c9174f3822
5ff2033e74ba7554d446cf7b9bb6856e9a210c85ce50b5889a182494ba20c3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d8e57ac9942eeefb1d01232cc721f5a059607dfb5272c0bd259397beb1550c
63e7fd3b97891f08d6f1c202a08a08dad5ba1f863e8a2ccc61e0bfaca9a63104
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67d70e67f86468efb430662fb2617e2288984f995246d58cb7f8037b7d25d4d7
6ebc15f291d34f9c00142d250aeed6adbfb0c23a60766d5619d7e7488814d570
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71636cc0df2794b439212c2c77b0aab204391926b754b69dcc779f0d83778362
76271d26de2ef4a92554784dbd313ff18c2351aeca003204a110fcd7ebe31cd8
76fedb09e4f65f3aac4c2a53f5089396a3810a76d023c4fca0a4aa32205d3409
777ec37f18f4f6b8b25a28728580c4eab8b3b87a62305e67cc2da8ec33de36b2
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
80248151b5242dbf4c2291e7d6e9140d38ccefa9d2afe5bd04929ad231750ab6
81e7f4c985fee56945a51b9640332f5406475e6682230a137ed5e63bbdf73010
84c9dc56245809e7ca7a24bd4dd1068b45bb4b7fc0a6f2004c6ae844cec0bca6
86ab859576992b7e37963b94a6e80209bf9f6efb783afb8329e0dbdc6a32be4d
8c287fb55c8e47837e5db868c506af289a781e0e23e26542a54bab953fc1ffb2
8cbbe56157eeb0b9eb02e18ac9a725364a4e49507f9097f3be666ddc608cae2f
8ec76b50a08dc1091664a0585c13e4117b7c5aacef008deb6cd2563582e20b10
94337e3c3f642558f3e7495d6257de52e6d8c0b9e9a54f1cbfc2d05328586ee3
96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
97fe4d79aea42c609f78ad3de0492dc9aa285e7fcb2bd9f1c06e5e1ffac2cd73
9a6ba8e7f261b6df6ee177bd8acd88a5998e7b9372e25ee82f05abd02d1dffb6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4979df8bfc20adf5e598bfbd458bc75e31b4158b8bd4be5ce0efac6ecc9497
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e26ac48adcbf43b74eff0774888dde0ad05b0593295b65574e8725ff04d24d6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a079abd1a5c37ba2ffd78d0cc51a980b5287be75c7a889b102bcfdfcfe052f18
a3eb96eb32ba1e63c6c8e6931e50260c38c12d0ee0a36157144fc527c6a0b46c
a6bc36e79ba0dab4e04ba487397f07627e0236e281f550a1022c291b406ed859
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab1a28b09c89595ba0f4b502bf4b905df55f92ea5cac6445ae84052ae3c8b1da
acde349098d7d482fff028104b7d8f87bf6593f5436a7d7e6ca3a543a8ecb131
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e8bedcc2d6768e063b1e560eac8588c5289b386f0044957d7f9b4e0dee063
b3deed8310b8f2abbb2c8c74f01ca79280dd3a3ff63ba1e100de682c79c0d0c4
b3e6114f446c5024498df5f4d31c11906c1f544fd345a952b48c947f1340d7e7
b4320212081e66aa38a7db937e407fb3a160f0facde884ac6b4edac60e01c581
c15c83c1caab654585cbc98e332e15c89d8d611b41e166a23c55155406f3a87c
c22fcdb6cf5ad3a8344e47713ede91e1c4b6e59337e400160211d2266b1d2ec4
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c69de2ade9274cb24e61b4b229e5671c3ba96cb4dc3a74532bb67f334ced6eae
c73f2d32fc3e95b18ce10761f7a399dc707fe50470c9a5aea766768ff590b33a
cb3116def1a116ef898d8832dae3977d186806688e27d0f2272810d362da509c
cdad555a81d211db7836ba1f6d36e6cd1e3431a247a8ea5d61ebcfc4573d647e
cea75f64d669196195b13caf2d43afe579e7e66339fa2e59984b32c20cf913ae
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d233ae3f0c2b48dc6f71e32ad7e23ba5e1d64b59af7e8d5592375d14887f3e97
d38352829ca38502cc18ecfaf0cf1e8a902b254ffaf17cc4ce4a678e89c830fa
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d77952a0a550490748d0a1fd6d8678f55d975c49393036e0383cdda47de30115
db2a0a3f32617aa69bf04a9c1ac37a7e2c6e9801af79bb11f25c1f4f5ec45bb7
db79517b7a05edf295f973e5edf5685c8c7c625c713ffc14c9221d58bd8e24da
dd3fe7feb3608b58bd773dbf60ad7b1c4f9022dd1c7744206e3eeb225a9dc259
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e100674ed0fd5275a2cabb99db8e14c19e89f9010b5da60e4c6784c2b0e522be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4aa77873ae0f5d483f306952bfe612d98e16ef913f31c4b0673929ef86b1c65
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e6e78a0af9d15c55b5d09fba9285f5d4e1d9d55dcd08ac1ea914e076423d098b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ea63ce1b2a485b9800aa531b2ce16ee49c4bc14aa78ca725ccde2f9488c54725
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec155e2c559ded82cf1599f17bd9da97b2db0510aa0b3b8778a38fadca21434b
ec950c4d2f322ea29f6f26a00d4a5290c73b8d65589f00a4145cb95c397dae74
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6b74ce0132ebbc0b21b93fd3e33e3654d4b6c64d77a8ed8eb972a823c9f3595
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fb1cf4657942417b75351bdf75fc75d2820988c97060a629a5bc59fb5dcee537
fb95b15a656443132dc0d73391a091f5226fda25d4f196708f5d6387b4dedf96
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717
fd995724e7abb3af88abe834b55be70de1da605acf321aeb241a25326448cace
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffd64ed138a4765a5e50d9b4f3e1741bc96b54711f2ac6c47ba5f6ac881bae29

www.csgowinner.com Open in urlscan Pro 81.169.142.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

216 Requests

94 %HTTPS

46 %IPv6

20 Domains

27 Subdomains

23 IPs

6 Countries

8220 kBTransfer

11628 kBSize

23 Cookies

4 Outgoing links

Page URL History

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.csgowinner.com Open in urlscan Pro
81.169.142.103 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

94 %
HTTPS

46 %
IPv6

20
Domains

27
Subdomains

23
IPs

6
Countries

8220 kB
Transfer

11628 kB
Size

23
Cookies

216 HTTP transactions
7 data transactions