www.valorant4jp.com Open in urlscan Pro
2a00:1450:4001:82a::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://valorant4jp.com/
Effective URL:
https://www.valorant4jp.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 25 via api (August 25th 2023, 12:29:07 am UTC) from DE — Scanned from DE

Summary HTTP 176 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 60 IPs in 11 countries across 44 domains to perform 176 HTTP transactions. The main IP is 2a00:1450:4001:82a::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.valorant4jp.com.
TLS certificate: Issued by GTS CA 1D4 on June 28th 2023. Valid for: 3 months.

This is the only time www.valorant4jp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82a::2013	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.193.55 151.101.193.55	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2009	15169 (GOOGLE) (GOOGLE)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2 7	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	2a02:26f0:710... 2a02:26f0:7100::210:118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.177.20.185 35.177.20.185	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:237... 2600:9000:237d:a800:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.176.105.61 18.176.105.61	16509 (AMAZON-02) (AMAZON-02)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1 3	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.192.224.226 52.192.224.226	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
2	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.218.210.30 23.218.210.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.218.208.23 23.218.208.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	108.138.7.126 108.138.7.126	16509 (AMAZON-02) (AMAZON-02)
1 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2.16.107.130 2.16.107.130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	81.17.55.109 81.17.55.109	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
7 9	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:f14:89f9:e156:6aa1	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
176	60

1 2001:4860:4802:36::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

valorant4jp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.valorant4jp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:118 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.20.185 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-20-185.eu-west-2.compute.amazonaws.com

spadsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:a800:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.176.105.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-105-61.ap-northeast-1.compute.amazonaws.com

pb.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.148.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.224.226 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-224-226.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.210.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-210-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.126 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-126.fra56.r.cloudfront.net

cr-p31.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-130.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.109 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.138 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:f14:89f9:e156:6aa1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155 ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com	502 KB
26	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	317 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 545 eus.rubiconproject.com — Cisco Umbrella Rank: 588 pixel.rubiconproject.com — Cisco Umbrella Rank: 364 token.rubiconproject.com — Cisco Umbrella Rank: 617	15 KB
10	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 435 mug.criteo.com — Cisco Umbrella Rank: 2707 bidder.criteo.com — Cisco Umbrella Rank: 784	17 KB
8	amazon-adsystem.com 5 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 320 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071	6 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 609 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 484 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 594	5 KB
8	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12807	126 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3101 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	198 KB
5	valorant4jp.com 2 redirects valorant4jp.com www.valorant4jp.com	200 KB
4	ladsp.com 1 redirects pb.ladsp.com — Cisco Umbrella Rank: 68991 cr-p31.ladsp.com — Cisco Umbrella Rank: 11180	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	240 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	170 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1331 google-bidout-d.openx.net — Cisco Umbrella Rank: 1336	679 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	74 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1575 mp.4dex.io — Cisco Umbrella Rank: 2471	26 KB
3	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11117 2.bp.blogspot.com — Cisco Umbrella Rank: 13757	29 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 465	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 360	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 696 cdn.indexww.com — Cisco Umbrella Rank: 1662	2 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1304 contextual.media.net — Cisco Umbrella Rank: 660	10 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 411	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 990	217 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 886	9 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 19197	187 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	135 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 357	648 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458	619 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 814	132 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 864	425 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 548	653 B
1	uncn.jp ds.uncn.jp — Cisco Umbrella Rank: 26923	225 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 18546	182 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	608 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1677	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1496	8 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 1659	435 B
1	google.de www.google.de — Cisco Umbrella Rank: 6490	408 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1043	406 B
1	spadsync.com spadsync.com — Cisco Umbrella Rank: 91678	92 B
1	im-apps.net sync6.im-apps.net — Cisco Umbrella Rank: 61038	288 B
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 10247	157 KB
176	44

	Domain	Requested by
38	pagead2.googlesyndication.com	www.valorant4jp.com pagead2.googlesyndication.com tpc.googlesyndication.com ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
8	blogger.googleusercontent.com	www.valorant4jp.com
7	gum.criteo.com	2 redirects anymind360.com cdn.taboola.com static.criteo.net
6	cm.g.doubleclick.net	4 redirects
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
5	pixel.rubiconproject.com	3 redirects
5	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
5	cdnjs.cloudflare.com	www.valorant4jp.com cdnjs.cloudflare.com
4	token.rubiconproject.com	4 redirects
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
4	securepubads.g.doubleclick.net	www.valorant4jp.com securepubads.g.doubleclick.net
4	www.valorant4jp.com	1 redirects www.valorant4jp.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	s0.2mdn.net	ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
3	www.googletagservices.com	ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
3	static.criteo.net	securepubads.g.doubleclick.net anymind360.com static.criteo.net
2	secure.adnxs.com	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	cr-p31.ladsp.com	1 redirects
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	pb.ladsp.com	anymind360.com
2	mug.criteo.com	www.valorant4jp.com
2	oajs.openx.net	1 redirects www.valorant4jp.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	script.4dex.io	anymind360.com script.4dex.io
2	id5-sync.com	anymind360.com
2	cdn.jsdelivr.net	anymind360.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.taboola.com	www.valorant4jp.com cdn.taboola.com
2	unpkg.com	1 redirects www.valorant4jp.com
2	1.bp.blogspot.com	www.valorant4jp.com
2	anymind360.com	www.valorant4jp.com anymind360.com
2	www.googletagmanager.com	www.valorant4jp.com www.googletagmanager.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	ssbsync.smartadserver.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	contextual.media.net	anymind360.com
1	js-sec.indexww.com	anymind360.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ds.uncn.jp	anymind360.com
1	mp.4dex.io	anymind360.com
1	htlb.casalemedia.com	anymind360.com
1	prebid-asia.creativecdn.com	anymind360.com
1	bidder.criteo.com	anymind360.com
1	prebid.media.net	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cadmus.script.ac	script.4dex.io
1	www.google.de	www.valorant4jp.com
1	lb.eu-1-id5-sync.com	anymind360.com
1	spadsync.com	anymind360.com
1	sync6.im-apps.net	anymind360.com
1	www.blogger.com	www.valorant4jp.com
1	2.bp.blogspot.com	www.valorant4jp.com
1	valorant4jp.com	1 redirects
176	66

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.youtube.com
www.twitch.tv
www.csgo4jp.com
www.blogger.com

Subject Issuer	Validity	Valid
www.valorant4jp.com GTS CA 1D4	`2023-06-28` - `2023-09-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
anymind360.com R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
www.spadsync.com Go Daddy Secure Certificate Authority - G2	`2023-02-20` - `2024-03-23`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
script.ac E1	`2023-07-05` - `2023-10-03`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.ladsp.com GlobalSign RSA OV SSL CA 2018	`2023-05-16` - `2024-06-16`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
uncn.jp Amazon RSA 2048 M01	`2023-02-14` - `2024-02-16`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.valorant4jp.com/
Frame ID: 05250A43A132C47661A02A13F6BCA77D
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html
Frame ID: 441633848B04E064D5AE8CF77BE60CEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7834217715001771&output=html&adk=1812271804&adf=3025194257&lmt=1692915884&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fwww.valorant4jp.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692923340695&bpp=4&bdt=342&idt=208&shv=r20230823&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=658868696872&frm=20&pv=2&ga_vid=964544171.1692923341&ga_sid=1692923341&ga_hid=2004088850&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44796700&oid=2&pvsid=2409868342803026&tmod=1492656488&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: C11D5D62293A99DED6E7BD8E0BE57A55
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.valorant4jp.com
Frame ID: 85499993B61953EBD005C0F500CB6891
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AB6F58470A7744B004F438AF190710E8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 307A8690CE9D43D59EF958530B1C8351
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0FCE16893141E4931881694314D56A8E
Requests: 2 HTTP requests in this frame

Frame: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 221542A81592D836725EDC94E5357FFB
Requests: 1 HTTP requests in this frame

Frame: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 227D07FB313F7C6CC81C84CD7F6C03D3
Requests: 20 HTTP requests in this frame

Frame: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B074349F215EE085FAB4A5AF0CE3AB2
Requests: 20 HTTP requests in this frame

Frame: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 38EB824E4BDDA967158AAEB1C92511DB
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjAhsHjATAB&v=APEucNWEvIBUZk9vf2zflxhu496vbBA814L6dGsWKzn_Wol5qscxlFPvpdsKnHB6DU8V42p-8NFgeYGAWvDU-6n-k9mAEwKDIw
Frame ID: 0341406445D0FC7A9825A91C0069152E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjA-r7cATAB&v=APEucNUzCAY8pwFqpDu7IlFMt-5vMNxUyoOo1Fif2_97x75yifrzjsShv0nuymqGEBFB775NrZlwkenAO87-2MaTG_ECxbbGcw
Frame ID: 35A4DCA245A1DBD9497EFFD70A23ECCA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiaqfPvATAB&v=APEucNUyITYT4dbDMo8K1hft3g-_HSJN7WcJeMKOgj2dltTgxjlOLlpW5b6_wHN7pp4SwrLzHrXC2MUJoszr_HR5oHW50bUsEA
Frame ID: 8918732E7E598763790B8263ED77BE2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0DACB5B7C00FC64A53B4DC1090883524
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7DFDD338AFF86A73020286492C94F772
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6C16F826EF4ACC0B25168B76509987EC
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.valorant4jp.com
Frame ID: 7E8851B0238A6967AF75C1C3B90D8953
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D2E0DAE93F5543D6218773B958E2FC8D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FC2FEE405B73C5BA75C19A6DD1FA4C7F
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJVS55O&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C2037%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C228%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 4CBF13B839C4361B17560D8977AA630B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 157740D1FAD8DE10EDE1B715E6164D64
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VALORANT4JP | 国内外のVALORANTに関する情報を掲載するニュースサイト

Page URL History Show full URLs

http://valorant4jp.com/ HTTP 301
http://www.valorant4jp.com/ HTTP 301
https://www.valorant4jp.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

176
Requests

90 %
HTTPS

54 %
IPv6

44
Domains

66
Subdomains

60
IPs

11
Countries

2676 kB
Transfer

6827 kB
Size

30
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/VALORANT4JP

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCBt8xIT-Uv8_1wJg0teXYpw?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/valorant4jp

Search URL Search Domain Scan URL

URL: https://www.csgo4jp.com/
Title: CSGO4JP

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://valorant4jp.com/ HTTP 301
http://www.valorant4jp.com/ HTTP 301
https://www.valorant4jp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://unpkg.com/beerslider/dist/BeerSlider.js HTTP 302
https://unpkg.com/beerslider@1.0.3/dist/BeerSlider.js

Request Chain 48

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.valorant4jp.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.valorant4jp.com%2F&rid=esp&cc=1

Request Chain 50

https://gum.criteo.com/sid/json?origin=publishertagids&domain=valorant4jp.com&sn=ChromeSyncframe&so=0&topUrl=www.valorant4jp.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=n7mQtnxCSjNOU3oxMnZyeWxodlB4YTJGQ0hBSWhsOUhmSzhKaTZtbXZpNlhoRy9lUzhrOHpNaFU3aWE4UmkzTlpmSjRwcE0xYjNVK2IwNjgvTHFIRmJmSjFYbUpZQmpYQTJsdnV2L1JLdDByL2t5b1hxVHlxeFg1ODI3bnNzV1BTN3pEbkJWTUZSSmhlV2Z4UGF6Tm0rNjI5WXliWWp2VGdvc2JnSWg0Y1NwWXBKMW42L2t0WitaNkVzMzVsWEphSEJRbG9pRGdWTmRCMDB6c2JuVHhFeDd4SUZoa1BYVllhNEg2cTEvMXVqVk55b0RlelVPTUVvNldEQW9nOCsxRU9SL2FaNEVyN2VvYi9XRWIySmNzMTg3QzA3cjQrazRPTXBaaHNleTMvK0NBelQ1TT18&cppv=2

Request Chain 147

https://gum.criteo.com/sid/json?origin=publishertag&domain=valorant4jp.com&sn=ChromeSyncframe&so=3&topUrl=www.valorant4jp.com&bundle=rYNy319BeHM2NndIbGFQTTRFNWs4aFA5emduR3hJcE9LSUNZalRrT3ZQZExybm1VdHBPOHowWHBhSHdha0pWTHZCQlB1WVQwJTJCOG5RMUFPWGZWWUtkTVhIYWE2VkNabHJPJTJGMFhFVFp4SDhpME9NV1p2ZkNSaFJjSXElMkJ0ZzVnZ1E2QVJyeWUyWk1obUdBemVLRkFrTkNFc2JrR0ElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Tr5UjnwrQnZ0MTdCVGdGTFArS0ZYdU1mYk10cDhKanlCbmRWVXkyYnFuQ010TWZKcnFyUmVvMEU3Z21XVTNHWU55WnNENGxrVFBOQlZoUXJObmZZS0toUDNIYzZkZFFrckRjK1h4NlQxcjJIakxTQVF2NDdETGdsZHFkdHQzTWdZTmJXaXRxUmlHSFFEZHV6VEpVNkhkSDUyYnR4QVBONFJaTkFkSXc2UTBHaUZtakdrTFAwbGdXLzNkOXl3cHRmWUs5dFVLVmJrT2N1V0FXZkl0dlNRVFNHcWNyamRwWm5xeCtHR2Z5VkxhSDhucm5sczU0RlVkenRzem1pYTlBM2x0TmtBcTFaMkgwaUYrNnFUUUZCYi9PcDF4OXMzbysvclRBQ08va09NQWduYWdHQT18&cppv=2

Request Chain 157

https://cr-p31.ladsp.com/cookiesender/31 HTTP 302
https://cr-p31.ladsp.com/cookiesender/31?cr=true

Request Chain 158

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOf10egdveBsFBdopx3hxwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC63SX61ZB37BsXImAfRjuk&google_cver=1

Request Chain 161

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE0YUgJZ6JQaes7dpMHPHlA&google_cver=1

Request Chain 165

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3673689741505518637

Request Chain 166

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4590427558788019863

Request Chain 169

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gXz9BKYnS1iIfblDmLrDpA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=gXz9BKYnS1iIfblDmLrDpA

Request Chain 170

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/53DpHrC3LZhSsNTm2TkRTA?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pIf5C6BE2oJaqEox9rt1HMNvWTEUkgBX3OJq1Q--~A

Request Chain 171

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExQVVVJNzgtSy02Q1hT HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGvYGVX5ig2_YOEqBv4YqK8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExQVVVJNzgtSy02Q1hT&google_push=

Request Chain 172

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bIrgJ8-eR_W_G_g__5L0Ww&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bIrgJ8-eR_W_G_g__5L0Ww

Request Chain 173

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLPUUI78-K-6CXS

Request Chain 174

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDJiN2IzODgyZjczNjkxMzY4NTFkYWZkZjYzZmY4NGMzZTY0NDk5Mw

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELbmBJBnIM1AsW8xP-YCPQI&google_cver=1

176 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.valorant4jp.com/
Redirect Chain

http://valorant4jp.com/
http://www.valorant4jp.com/
https://www.valorant4jp.com/

234 KB
52 KB

543ms
518ms

Document
text/html

2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce9e1bcbbb8b17ccf19ee7dad655809264095a1c6ab324952a7ea3874fef3dc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 52924
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 00:29:00 GMT
etag: W/"712f404fb5dc8f96e9e1323ed4ed9c2a6f20904221140bc868877fe91d66ec76"
expires: Fri, 25 Aug 2023 00:29:00 GMT
last-modified: Fri, 25 Aug 2023 00:24:44 GMT
server: GSE
x-content-type-options: nosniff
x-robots-tag: all,noodp
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 177
Content-Security-Policy: frame-ancestors 'self'
Content-Type: text/html; charset=UTF-8
Date: Fri, 25 Aug 2023 00:28:59 GMT
Expires: Fri, 25 Aug 2023 00:28:59 GMT
Location: https://www.valorant4jp.com/
Server: GSE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/ 54 KB
10 KB 30ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6850510
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9802
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-d78f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ztnRwSQaXFO28TKCADqTKcqFFJ9H8d1NmpiV0ItRSLh7iaSBrXZvlhbk61bmTNgsf0hZdKHjVt1WdB3arl8WeEFu%2BQfCYFwj2I17x7QKDKZX1cVxzdg5H9C0Gpsjdtvm%2FcvAGr4W3nD%2B8H6%2FRehvAj8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fbfb7dd5f6f8fe9-FRA
expires: Wed, 14 Aug 2024 00:29:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
49 KB 54ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130672182-2

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51cacbaf840ec3fb163bec67d015c67328592a000552bda26ff396e6ddbf9a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50144
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7834217715001771

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1e6237bfe4d6e54daf7f9b49428fece6455f88341fa29bdc39e75a60959a2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Origin: https://www.valorant4jp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51081
x-xss-protection: 0
server: cafe
etag: 7204983381119359673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/6476/ 197 KB
42 KB 37ms
7ms Script
application/javascript 151.101.193.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/6476/ats.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2cc3d46893bad24788c4ad15a5b07dc9d6c5b111677ab542dfd6fcad2faff116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Thu, 24 Aug 2023 16:23:56 GMT
date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 29104
x-guploader-uploadid: ADPycduobnL_HJNK4vP0Ay8_em3UUwzdp5Dm2_-nSR9xhwV1yA5H-4-DjdnEpCB_O5z9WE-4AmoxxuHmBikSP8dv16cP
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42025
x-served-by: cache-tyo11925-TYO, cache-fra-eddf8230120-FRA
last-modified: Tue, 15 Aug 2023 07:52:56 GMT
server: UploadServer
x-timer: S1692923340.418547,VS0,VE1
etag: "86070cffdf2fa749de359219931941f4"
vary: Accept-Encoding
x-goog-generation: 1692085976773724
x-goog-hash: crc32c=GFzo0g==, md5=hgcM/98vp0neNZIZkxlB9A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 42025
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 48, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 76ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f97359c79cc8152db43855e101e88880e1df68495093aece750edcf1d0e10705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28935
x-xss-protection: 0
server: cafe
etag: 331 / 19594 / 31077354 / config-hash: 11948005394286062217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H2 200 valorant4jp.png
1.bp.blogspot.com/-AtcEFW1JpYs/YHVHxAdhlaI/AAAAAAAAFq4/-I0n39jdGc8h4BG97td2d1c8aStuXVH6wCK4BGAYYCw/s1600/ 5 KB
6 KB 68ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AtcEFW1JpYs/YHVHxAdhlaI/AAAAAAAAFq4/-I0n39jdGc8h4BG97td2d1c8aStuXVH6wCK4BGAYYCw/s1600/valorant4jp.png

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d1082f39d6b9107d39a7c8aa0af093942dd8a0ca7991d30c3d52d40cc518cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:06:23 GMT
x-content-type-options: nosniff
age: 1357
content-disposition: inline;filename="valorant4jp.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5426
x-xss-protection: 0
server: fife
etag: "v16af"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:06:23 GMT

GET
H2 200 image.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDME60rN5pi4809qAoyBaXKohJ2XoM43_umFpbkXEw9i0ylRA6ebKcKBNnlzLt2ndY1WFpmxpDIUbqqFZzDrfhi3J7PlquKjGTdol1LAzbd2-4QdhrUGbsBfEC7A3UB0AVIyVZpY7RP49tHNXg... 17 KB
17 KB 348ms
324ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDME60rN5pi4809qAoyBaXKohJ2XoM43_umFpbkXEw9i0ylRA6ebKcKBNnlzLt2ndY1WFpmxpDIUbqqFZzDrfhi3J7PlquKjGTdol1LAzbd2-4QdhrUGbsBfEC7A3UB0AVIyVZpY7RP49tHNXgfdFo95YyMrYZMZD-1t-JnFzfj6fMWcoARt9_G1AT/s16000/image.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

96cd4176cb5868f4d1491eb9c70ec0eb104e40e7da453f0c69346638af3a3b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v32c8"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17268
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:00 GMT

GET
H2 200 valorant4jp.png
2.bp.blogspot.com/-9ApgTSuZaJ8/X6wdl0jQEeI/AAAAAAAAHf8/zeLJYWAcF80ZNAbq6VTBvyDF4VKnkuA0wCK4BGAYYCw/s440/ 18 KB
18 KB 66ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-9ApgTSuZaJ8/X6wdl0jQEeI/AAAAAAAAHf8/zeLJYWAcF80ZNAbq6VTBvyDF4VKnkuA0wCK4BGAYYCw/s440/valorant4jp.png

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5870676493bee314ad014fa97fd92e97bcbe180ebe8a12edb0c5999bf337180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 22:30:55 GMT
x-content-type-options: nosniff
age: 7085
content-disposition: inline;filename="valorant4jp.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18515
x-xss-protection: 0
server: fife
etag: "v1e00"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 25 Aug 2023 22:30:55 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 84 KB
27 KB 16ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2524780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26972
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-695c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEPKT5K6P0rjlFnyKjsxwenYg7gKW0xQ8JLr94%2BNnYLDnhaXhxg9mvMfImOkdefzqXOQAKSzPWk1r7VdBwaEH147JxhAlokb8cJqGC37f1Uy0%2BkqR1EfzmwRVwN49rF2elGdUk2kMKYNGei0kWNcTDvm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fbfb7dd9f978fe9-FRA
expires: Wed, 14 Aug 2024 00:29:00 GMT

GET
H2

200

BeerSlider.js Show response
unpkg.com/beerslider@1.0.3/dist/
Redirect Chain

https://unpkg.com/beerslider/dist/BeerSlider.js
https://unpkg.com/beerslider@1.0.3/dist/BeerSlider.js

25 KB
9 KB

18ms
18ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/beerslider@1.0.3/dist/BeerSlider.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30c5ee018c4b780ba605976a97f2cb2f36ae630e2c172e95e3117fc6f095597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10432811
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY4073EA6ZD5GRX1T1YQQ7F-fra
server: cloudflare
etag: W/"6347-JjgsIw2Kakpg1rmJ9ubYQunJJ1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fbfb7e29c733631-FRA

Redirect headers

date: Fri, 25 Aug 2023 00:29:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: EXPIRED
fly-request-id: 01H8N1G9N53TJX0ZST70WP8DS0-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /beerslider@1.0.3/dist/BeerSlider.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7fbfb7ddc9783631-FRA

GET
H2 200 cookienotice.js Show response
www.valorant4jp.com/js/ 6 KB
2 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valorant4jp.com/js/cookienotice.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Aug 2023 15:03:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 01 Sep 2023 00:29:00 GMT

GET
H2 200 315554011-widgets.js Show response
www.blogger.com/static/v1/widgets/ 157 KB
157 KB 67ms
9ms Script
text/javascript 2a00:1450:4001:80b::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/315554011-widgets.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9bda45768bf40df841f59aa483bc7fd9c4481f8c9e96ca8bde21a4c51bf42bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 05:54:45 GMT
x-content-type-options: nosniff
age: 66855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160359
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 03:55:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 23 Aug 2024 05:54:45 GMT

GET
H2 200 /
www.valorant4jp.com/ 145 KB
145 KB 226ms
226ms Image
text/html 2a00:1450:4001:82a::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valorant4jp.com/

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 25 Aug 2023 00:24:44 GMT
server: GSE
etag: W/"712f404fb5dc8f96e9e1323ed4ed9c2a6f20904221140bc868877fe91d66ec76"
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0
x-robots-tag: all,noodp
content-length: 52924
x-xss-protection: 1; mode=block
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H2 200 prebid_2023_8_15_7_52_36.js Show response
anymind360.com/js/6476/ 453 KB
146 KB 13ms
11ms Script
application/javascript 151.101.193.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5c0a9aa486348faea862e7ad0b3345d534e508a634759f46bbe8c9c08d093cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Tue, 15 Aug 2023 07:53:13 GMT
date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 753994
x-guploader-uploadid: ADPycdu8PpE9LapVKMLJvJdQ4reOf3No190Xusfvg1_IASRZpSKSIjnDd9MfQQ7g-4LZyJ5rRPGjoU1kfmNUlvnoBpa93Or1Ja--
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 148696
x-served-by: cache-tyo11920-TYO, cache-fra-eddf8230120-FRA
last-modified: Tue, 15 Aug 2023 07:52:56 GMT
server: UploadServer
x-timer: S1692923340.449503,VS0,VE1
etag: "e743669f42b02e1364cb363d8a63b925"
vary: Accept-Encoding
x-goog-generation: 1692085976794949
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=+wWLFw==, md5=50Nmn0KwLhNkyzY9imO5JQ==
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 148696
accept-ranges: bytes
x-cache-hits: 1706, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
28 KB 76ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bde434425bdf0435a0a99b77056cbad180e9637dc4a70c198d68f9df9af98f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28927
x-xss-protection: 0
server: cafe
etag: 788 / 19594 / m202308210101 / config-hash: 11948005394286062217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/ 73 KB
73 KB 52ms
38ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin: https://www.valorant4jp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 712864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74328
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3c-12258"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJkbd5E%2F1nB2gMNMnAUODx0NhvD0Rm921ZJDYht8b3vZmXLBwocera%2BC0%2BaWeHKlrqHfrTIdPtno2W%2FEO8JLpzCzumma3BU03eC2qxmZfa4cCQIQ8GvmPEDXSkuiQw5vzvPv%2FzDOZ2jc9pSCitg3dhKN"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fbfb7de1fa3bba4-FRA
expires: Wed, 14 Aug 2024 00:29:00 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/ 13 KB
14 KB 53ms
40ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bca595b1e3228fcfa8edc95a7c4ae364c4589e7e6e440a426cf4bbdc6687088

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin: https://www.valorant4jp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1316814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13584
last-modified: Thu, 22 Jun 2023 11:02:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3c-3510"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poAmsEz4%2FWMFYwHwEfYTtRRl0pEbd0KfEc7u%2F9OzorRu%2FynQgJ8U75WTby6BbTKe42BTsIkSlfKiigQ1E9T8pcYSnLApyvyuxHI%2F61wxeP5jivzZ1WlfBrAd9Yo9djuG92d5JF3jJjtjatgg2rlzmceH"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fbfb7de1fa4bba4-FRA
expires: Wed, 14 Aug 2024 00:29:00 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/ 73 KB
74 KB 28ms
16ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css
Origin: https://www.valorant4jp.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9952722
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74656
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-123a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBTN074XFgpWqzuuhPHTNqeIoJZ14EQPR%2FNGVz%2B1HBwaf9julaB9ZcipDIoRLA3Oe7gLV%2F9H9HsYBr1DnBCGy68nv2tWypOvvNRcee3SeYyVx%2Bn3W1%2F%2BJtRmYW%2BUEflanl6r%2BskblRU21dakC9r%2Bhjan"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fbfb7de1fa2bba4-FRA
expires: Wed, 14 Aug 2024 00:29:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/valorant4jpcom/ 403 KB
51 KB 81ms
51ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/valorant4jpcom/loader.js
Requested by: Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c4a5beca996a1d4ea5e1e72f5760323d6bc7e30fdf6b2b8675301e0d6f0cc121

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: fJIa5sr6CaT740Hihh.tY0ugXjTAL77s
content-encoding: gzip
via: 1.1 varnish
date: Fri, 25 Aug 2023 00:29:00 GMT
x-amz-request-id: 5MEVXHYNZR36RAZ8
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 10
x-amz-replication-status: FAILED
content-length: 51465
x-amz-id-2: QUPc7qm0iZVA9IClMLRsLTtCWEmh5KaRiSuT9s+1bc1cdTCVe+QRHeFAKRAGC1CrJePXaFoleO4=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Fri, 25 Aug 2023 00:29:00 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692923341.602663,VS0,VE44
etag: "eeb5b1e56ab8f0b193126b1603853508495f00ba"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 18
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
86 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0WCDZZLS7T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130672182-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0308aa40f701a99e2225b502f81731ae9427809a23f9830e48b775cf2488d0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130672182-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 24 Aug 2023 23:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2357
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 25 Aug 2023 01:49:43 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 73ms
12ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.valorant4jp.com%2F&domain=www.valorant4jp.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.valorant4jp.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 25 Aug 2023 00:29:00 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 172433
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 32ms
13ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e29a5238b1f20db9187804ef67247a84c5dcb46e31411584a22302d62f63b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30491
x-jsd-version: 1.0.1791
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4553-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"636-RXmghB52criuWaj+rRMhqe4rIPo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMyeTlCVW4bciGxeLxDjn4nQx67pgBdEc53b9gfdYzvmfhkaU45gSUi9vifn%2Fi6yvWZSL8HBwz4NYWMLxxGIFkcCbeXfDZlf1zGcbxU7HYIHJFQ5kgwP7zUXnVYyqiwvh%2BUd2%2B4AJXfViFq25Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7fbfb7df1811bb7f-FRA

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
378 B 42ms
15ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.valorant4jp.com%2F&domain=www.valorant4jp.com&cw=1&lsw=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:28:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 233648
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 136 B
549 B 32ms
9ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

5eaacc542b2131f831f5d46e1b73bb049c87a3af02b635cf88e8cfd77250728c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.valorant4jp.com
date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK pid Show response
sync6.im-apps.net/1008868/ 20 B
288 B 279ms
248ms XHR
application/json 2a02:26f0:7100::210:118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/1008868/pid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:118 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a96da6903649898ab56f4309e6eb61e248f59f4c95efff3bc5e5fdd284f58c3e

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.valorant4jp.com
Date: Fri, 25 Aug 2023 00:29:00 GMT
Cache-Control: private, max-age=1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Content-Type: application/json

GET
H2 204 sync Show response
spadsync.com/ 0
92 B 90ms
26ms XHR
text/plain 35.177.20.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spadsync.com/sync?snowflake=0af5b78b-7a2e-4aef-bad9-fd827daaec48
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.20.185 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-20-185.eu-west-2.compute.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.valorant4jp.com
date: Fri, 25 Aug 2023 00:29:00 GMT
server: openresty

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 39ms
13ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 00:29:00 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1168185
ETag: W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qECfmMXK0Jz5Kme0XWNEvEbSUUi%2FcQLM3a8lsts0pFRpl%2BU1Nn%2F0b2ngSE7HrgHGOWhGmub%2BdtEi33pGar3Sg8G3Iyh0Dbl3XPFpUkgJ%2FqyTx5R4Uf6Q1yCK7pB8ofZjOht7J52Rk57mCsc"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7fbfb7df4ab8906c-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/ 404 KB
127 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 12:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41924
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129911
x-xss-protection: 0
server: cafe
etag: 14269624574612719477
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 Aug 2024 12:50:16 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ 392 KB
132 KB 57ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7834217715001771&plah=www.valorant4jp.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7834217715001771

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6207c4e5cd3e8264bab376d9071076808f59c3cd6a19f40983b579f5f3e463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134686
x-xss-protection: 0
server: cafe
etag: 5823788859654251016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/ Frame 4416 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230823/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7834217715001771

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:46:53 GMT
etag: 9878862242593084568
expires: Thu, 07 Sep 2023 23:46:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
406 B 45ms
8ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

aa64aa9454d40f1368722fc4eafe6512d13352eb6ba04bb9bb71b1ed574ade5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.valorant4jp.com
date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 impl.20230824-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ 803 KB
166 KB 10ms
10ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230824-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/valorant4jpcom/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 10bc1ddaa8ccac7fa5976588a935480272d02a96579db043e71e2bbdf340552c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ah.lfLepgdAz6iY3yiij8UzqprCWXPzu
content-encoding: br
via: 1.1 varnish
date: Fri, 25 Aug 2023 00:29:00 GMT
x-amz-request-id: 1VHWCXDKR6EHTWYH
age: 22844
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170052
x-amz-id-2: M2sV1pFxTirXuXEx0UFSsb85ARYLt3DUeaUekC7ikqB0JMfUD0wjxRjMt7I7+Nlq59zOg1EplD0=
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Thu, 24 Aug 2023 10:07:31 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692923341.776427,VS0,VE0
etag: "4b3db6f26f8a3dcbe888b2a4084b9b55"
vary: Accept-Encoding
content-type: application/javascript
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 51324

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 39ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0WCDZZLS7T&gtm=45je38n0&_p=2004088850&_gaz=1&cid=964544171.1692923341&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692923340&sct=1&seg=0&dl=https%3A%2F%2Fwww.valorant4jp.com%2F&dt=VALORANT4JP%20%7C%20%E5%9B%BD%E5%86%85%E5%A4%96%E3%81%AEVALORANT%E3%81%AB%E9%96%A2%E3%81%99%E3%82%8B%E6%83%85%E5%A0%B1%E3%82%92%E6%8E%B2%E8%BC%89%E3%81%99%E3%82%8B%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0WCDZZLS7T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 69ms
22ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0WCDZZLS7T&cid=964544171.1692923341&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0WCDZZLS7T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 47ms
20ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0WCDZZLS7T&cid=964544171.1692923341&gtm=45je38n0&aip=1&z=781758657

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 1027.json Show response
id5-sync.com/g/v2/ 276 B
690 B 26ms
7ms XHR
application/json 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1027.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

0d1b644ceb5a772a91e8f984e222c9e355bbdf70c06d3b050de2ed1983529c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.valorant4jp.com
date: Fri, 25 Aug 2023 00:28:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
435 B 46ms
13ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
last-modified: Thu, 24 Aug 2023 18:44:35 GMT
server: cloudflare
age: 0
etag: W/"91bb09d4d286439bb4cd0efe5b4f84cf1bc11dfd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 7fbfb7e07e8f35f4-FRA
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 40ms
23ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 00:29:00 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 355525
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Aug 2023 11:58:31 GMT
Server: cloudflare
ETag: W/"9d36e722f929b1726cf2a9cba00af489"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBjjlJzNi6R%2FzZpTfearlxXR9Lf6Nzc3UWrN6kD%2BJOYmI4xnoCSp5YJI2QZ0fkmfnG%2FwIWfHn6qL3ZzCf1pKXkINPKW8wF%2Fsmow5wxSXTQB%2FYDU2xhTNLJK%2B%2FbZ5hzbdooug%2B5CaqvHw2Q8l"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7fbfb7e05e531d84-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2004088850&t=pageview&_s=1&dl=https%3A%2F%2Fwww.valorant4jp.com%2F&ul=en-us&de=UTF-8&dt=VALORANT4JP%20%7C%20%E5%9B%BD%E5%86%85%E5%A4%96%E3%81%AEVALORANT%E3%81%AB%E9%96%A2%E3%81%99%E3%82%8B%E6%83%85%E5%A0%B1%E3%82%92%E6%8E%B2%E8%BC%89%E3%81%99%E3%82%8B%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=806856221&gjid=2052603572&cid=964544171.1692923341&tid=UA-130672182-2&_gid=407120539.1692923341&_r=1&gtm=457e38n0&jsscut=1&z=1569021996

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 50ms
12ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 23:58:04 GMT
content-encoding: gzip
age: 2507456
x-guploader-uploadid: ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 25 Jul 2024 23:58:04 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 35ms
22ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22157
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSCyUfX31bQhR4Qn9PBHDcR25rK5cQ713fUN4ZfLGmLNmkGrUNGRhd7jn%2BDHzJRFb00N6R9wsgFYdJ3aoU1b54o2d%2Bx4ugj4lg%2BmgCT3zhNQSBGFnXWzhgSjtV1gXOs3yy%2BHfiguSUSf3b3QQs4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7fbfb7e0be885c92-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 81ms
13ms Script
text/javascript 2600:9000:237d:a800:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a800:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
Date: Thu, 24 Aug 2023 05:08:18 GMT
Via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 69643
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: xDKvbMy-PBvEU2ZDvucu1XB8N79E4E2ddeF30DQCmxYsTS9IxoZiYQ==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 57ms
20ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:29:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
608 B 36ms
14ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.valorant4jp.com&callback=_gfp_s_&client=ca-pub-7834217715001771

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7834217715001771&plah=www.valorant4jp.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae3657fdcfa0c79eee950faead9d12a66e43a1f794f35eced5643c1eb8a65836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C11D 0
188 B 85ms
85ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-7834217715001771&output=html&adk=1812271804&adf=3025194257&lmt=1692915884&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fwww.valorant4jp.com%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692923340695&bpp=4&bdt=342&idt=208&shv=r20230823&mjsv=m202308210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=658868696872&frm=20&pv=2&ga_vid=964544171.1692923341&ga_sid=1692923341&ga_hid=2004088850&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44796700&oid=2&pvsid=2409868342803026&tmod=1492656488&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:01 GMT
expires: Fri, 25 Aug 2023 00:29:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 28ms
26ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-130672182-2&cid=964544171.1692923341&jid=806856221&gjid=2052603572&_gid=407120539.1692923341&_u=YADAAUAAAAAAACAAI~&z=1833418573

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Aug 2023 00:29:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
287 B 17ms
16ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230824-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 195235
expires: 60

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.valorant4jp.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.valorant4jp.com%2F&rid=esp&cc=1

85 B
203 B

119ms
119ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.valorant4jp.com%2F&rid=esp&cc=1
Requested by: Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 243425341075713af1aa830e361f127fa434baa3088282310208928bf151cc17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-FNrksx20pkqP7rjfPkCoRyKbe+M"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.valorant4jp.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 25 Aug 2023 00:29:01 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.valorant4jp.com
location: /esp?url=https%3A%2F%2Fwww.valorant4jp.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8549 15 KB
6 KB 16ms
13ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.valorant4jp.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 226354
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8549
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=valorant4jp.com&sn=ChromeSyncframe&so=0&topUrl=www.valorant4jp.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=n7mQtnxCSjNOU3oxMnZyeWxodlB4YTJGQ0hBSWhsOUhmSzhKaTZtbXZpNlhoRy9lUzhrOHpNaFU3aWE4UmkzTlpmSjRwcE0xYjNVK2IwNjgvTHFIRmJmSjFYbUpZQmpYQTJsdnV2L1JLdDByL2t5b1hxVHlxeFg1ODI3bn...

420 B
667 B

99ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=n7mQtnxCSjNOU3oxMnZyeWxodlB4YTJGQ0hBSWhsOUhmSzhKaTZtbXZpNlhoRy9lUzhrOHpNaFU3aWE4UmkzTlpmSjRwcE0xYjNVK2IwNjgvTHFIRmJmSjFYbUpZQmpYQTJsdnV2L1JLdDByL2t5b1hxVHlxeFg1ODI3bnNzV1BTN3pEbkJWTUZSSmhlV2Z4UGF6Tm0rNjI5WXliWWp2VGdvc2JnSWg0Y1NwWXBKMW42L2t0WitaNkVzMzVsWEphSEJRbG9pRGdWTmRCMDB6c2JuVHhFeDd4SUZoa1BYVllhNEg2cTEvMXVqVk55b0RlelVPTUVvNldEQW9nOCsxRU9SL2FaNEVyN2VvYi9XRWIySmNzMTg3QzA3cjQrazRPTXBaaHNleTMvK0NBelQ1TT18&cppv=2

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

420c802bdad86b8c4640c7ea073ca85d8871f2b956eee86f79a50a47a12b8091

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1113794
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=n7mQtnxCSjNOU3oxMnZyeWxodlB4YTJGQ0hBSWhsOUhmSzhKaTZtbXZpNlhoRy9lUzhrOHpNaFU3aWE4UmkzTlpmSjRwcE0xYjNVK2IwNjgvTHFIRmJmSjFYbUpZQmpYQTJsdnV2L1JLdDByL2t5b1hxVHlxeFg1ODI3bnNzV1BTN3pEbkJWTUZSSmhlV2Z4UGF6Tm0rNjI5WXliWWp2VGdvc2JnSWg0Y1NwWXBKMW42L2t0WitaNkVzMzVsWEphSEJRbG9pRGdWTmRCMDB6c2JuVHhFeDd4SUZoa1BYVllhNEg2cTEvMXVqVk55b0RlelVPTUVvNldEQW9nOCsxRU9SL2FaNEVyN2VvYi9XRWIySmNzMTg3QzA3cjQrazRPTXBaaHNleTMvK0NBelQ1TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 230792
content-length: 0
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 557 B
1 KB 178ms
132ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13136&site_id=412270&zone_id=2318812%3B2318814&size_id=15&rp_schain=1.0,1!fourm.jp,A3177,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=fcb38cd5-453c-4455-8d1f-296015c6de29%5E1&rf=https%3A%2F%2Fwww.valorant4jp.com%2F&tg_i.domain=valorant4jp.com&tg_i.page=https%3A%2F%2Fwww.valorant4jp.com%2F&tg_i.pbadslot=%2F83555300%2C22641570350%2FOkuhira%2FVAROLANT4JP%2FJP_V4J_pc_article_underarticle_left%3B%2F83555300%2C22641570350%2FOkuhira%2FVAROLANT4JP%2FJP_V4J_pc_article_underarticle_right&tk_flint=pbjs_lite_v7.54.4&x_source.tid=8de41aaa-ee10-4bf3-9c4d-b7d4442bcec1%3Bb8addee9-aecf-46c5-aa98-6f1e6374af4b&l_pb_bid_id=2f02da494a50ce%3B3d54f822425984&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8de41aaa-ee10-4bf3-9c4d-b7d4442bcec1%3Bb8addee9-aecf-46c5-aa98-6f1e6374af4b&rp_maxbids=1&p_gpid=%2F83555300%2C22641570350%2FOkuhira%2FVAROLANT4JP%2FJP_V4J_pc_article_underarticle_left%3B%2F83555300%2C22641570350%2FOkuhira%2FVAROLANT4JP%2FJP_V4J_pc_article_underarticle_right&slots=2&rand=0.0387612324246811
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cba3e48e13823bc9909b72fce9af75b685a90ec133091a6be1a11588af530b00

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 167ms
125ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUJVS55O
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b057a2c93ac19a0002622d5b274d8434e862f0a94c50f1758ee79ef311323ad

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:01 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.valorant4jp.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Fri, 25 Aug 2023 00:29:01 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 119ms
65ms XHR
application/json 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=16252575742&lsavail=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ebfed7db4b0dca97cb5d09ee42f14df82fd8546edb43c7a530bab2e403e776ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Aug 2023 00:29:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.valorant4jp.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
475 B 719ms
235ms XHR
application/json 18.176.105.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.105.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-105-61.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:01 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.valorant4jp.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 200 prebid Show response
pb.ladsp.com/adrequest/ 91 B
476 B 718ms
233ms XHR
application/json 18.176.105.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.ladsp.com/adrequest/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.105.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-105-61.ap-northeast-1.compute.amazonaws.com
Software: Logicad/DADServer /
Resource Hash: e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:01 GMT
content-encoding: gzip
server: Logicad/DADServer
vary: Accept-Encoding, User-Agent
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.valorant4jp.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 104
expires: -1

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
182 B 512ms
165ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.valorant4jp.com
date: Fri, 25 Aug 2023 00:29:01 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
550 B 53ms
25ms XHR
application/json 172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=768103
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66b5aef696d3e65b5bacb1c9421efc47cbdad11c9baf97549dfe4b543101987c

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0dp3ynXemMcVq6QZ2QCP08rDI0uiGDiWnMfcY%2F4onYdJHyHQv3diWIK0AshDew%2FSeV%2FV2xQMTnOK7NAqrZNhuACVkKigTFmGlxmRuq%2Bbt3hajKdIze3jjmbeMDTvg7h93s6AZGa"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7fbfb7e28c12927f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
466 B 56ms
29ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Fri, 25 Aug 2023 00:29:01 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Seats Booster. unable to get the seat booster engine for organization: 1236
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7fbfb7e29d819000-FRA
expires: 0

POST
H/1.1 204
No Content bid.json Show response
ds.uncn.jp/pb/0/ 0
225 B 1033ms
293ms XHR
text/plain 52.192.224.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.uncn.jp/pb/0/bid.json
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.224.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-224-226.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.valorant4jp.com
Date: Fri, 25 Aug 2023 00:29:02 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 53123033797_864f1f7680_k.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGBlSeDVTShsZdiZnHhRRbMfiPCIi9j0MzPX4Oh9t4xkNkrlzzZJHn4KdHb_EOtfaQY_uL0_AiDaqHy-3cyM0wUVD8HCZQzhGqCWlTQAk53U4TUzX2q5KMPARIcIfXnnxPxn1yykTwWrLKSVbF... 24 KB
24 KB 657ms
654ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGBlSeDVTShsZdiZnHhRRbMfiPCIi9j0MzPX4Oh9t4xkNkrlzzZJHn4KdHb_EOtfaQY_uL0_AiDaqHy-3cyM0wUVD8HCZQzhGqCWlTQAk53U4TUzX2q5KMPARIcIfXnnxPxn1yykTwWrLKSVbFSHxX_syPnu9iktsuhZ0NwGCXaA7_N1EjHmDZmvQXfHM/w245-h170-p-k-no-nu/53123033797_864f1f7680_k.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c4c69a84e3cee44c232f82e66b11602172ccd35c3d793d6708498c6f5f6ad03e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v5301"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="53123033797_864f1f7680_k.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24895
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:01 GMT

GET
H2 200 EP7_Act_1_Astra_Skye_1920x1080.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCrOu8RWhhn1jF-0VJfMKEp6K5mQ_m0xm3up_ijpR-WUBMYpDLyhagJyKw4PqciOWdAZegoGMVqk494zuB6VmMqbMiKQMET-vgCro3_iwjv24ESgoQh4OfasgRxyxkB9sWYfxluah4qn1Di0kt... 28 KB
28 KB 678ms
674ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgCrOu8RWhhn1jF-0VJfMKEp6K5mQ_m0xm3up_ijpR-WUBMYpDLyhagJyKw4PqciOWdAZegoGMVqk494zuB6VmMqbMiKQMET-vgCro3_iwjv24ESgoQh4OfasgRxyxkB9sWYfxluah4qn1Di0ktnkOvGZ5q-E6si9QBj_bcb6KoiI1kfCqcDfozJ3jPGSU/w245-h170-p-k-no-nu/EP7_Act_1_Astra_Skye_1920x1080.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

53792c292de0470a36e001716c2566ab99110c45bd59a1171acb808031c8270b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v52ff"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="EP7_Act_1_Astra_Skye_1920x1080.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28509
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:01 GMT

GET
H2 200 52987333697_64d95eb807_k.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikqdbu4WFPdMwHq7RPkSNPI98qZSQhPjCGtJkJuFmMwBr8Hj4jgzSPdjQBT6SpdDHwbyMsYGIVrl2UL1BwAjNeCaqfkq0G_60-i274VcrTAsraNsjB7jCc7awDHIf4nPAK0nyx5q2uqSg5oIKG... 19 KB
19 KB 765ms
762ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikqdbu4WFPdMwHq7RPkSNPI98qZSQhPjCGtJkJuFmMwBr8Hj4jgzSPdjQBT6SpdDHwbyMsYGIVrl2UL1BwAjNeCaqfkq0G_60-i274VcrTAsraNsjB7jCc7awDHIf4nPAK0nyx5q2uqSg5oIKGnhp0gecqf9SvsAXX7DKrks588rHU9TjqwygzgQMnPks/w245-h170-p-k-no-nu/52987333697_64d95eb807_k.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

062bb01d6d85f2dc5800f34516f86884c49b68ed9850c082dc70ef3da218e3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v52fd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="52987333697_64d95eb807_k.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19726
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:02 GMT

GET
H2 200 53049532887_3e2591bae7_k.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiu3IMZC4TPp7gi2j9LtiI3uVwM3Bs4KBVWd5LK6-H3RWz_BhXMBzKDTHJ6bCmaJRkGSDTAI3yI9a9bCHqFWeEo0gjVRBj7Q3-L7tGU-irDJzYR7mPBxEWeKRoYaWt4IMg7rG1WLPXilwx-xhls... 22 KB
22 KB 763ms
760ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiu3IMZC4TPp7gi2j9LtiI3uVwM3Bs4KBVWd5LK6-H3RWz_BhXMBzKDTHJ6bCmaJRkGSDTAI3yI9a9bCHqFWeEo0gjVRBj7Q3-L7tGU-irDJzYR7mPBxEWeKRoYaWt4IMg7rG1WLPXilwx-xhls60MXdsaUh3zNibaW5b-tWi0CWV2lNi7T-bIj_8Ogu2c/w245-h170-p-k-no-nu/53049532887_3e2591bae7_k.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d3ed26e644d17b32d3f2f1e834120ecbfc4093cee7e6cb69b868cf4504c49693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v52f9"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="53049532887_3e2591bae7_k.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22548
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:02 GMT

GET
H2 200 53109609489_e80692cdd8_k.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBPzVVj0U3SBFstioxx0uvt5SFkvvYuxiIq0kUgqjaPGv0ph_33w8dWQWduPvYq3YS_Z7B9Ee_PtW_YGFN4_qTBmkhBSp9lNXTVtqgbjWDSTzaTTbu2rpm0nEl7QRI-epKkP8Dr1T7s9VTCdAE... 5 KB
5 KB 405ms
402ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBPzVVj0U3SBFstioxx0uvt5SFkvvYuxiIq0kUgqjaPGv0ph_33w8dWQWduPvYq3YS_Z7B9Ee_PtW_YGFN4_qTBmkhBSp9lNXTVtqgbjWDSTzaTTbu2rpm0nEl7QRI-epKkP8Dr1T7s9VTCdAE6o1deAW5fKnb4UEx_1qIuVyJvSSdlOX58wg5DkKy2U4/w85-h65-p-k-no-nu/53109609489_e80692cdd8_k.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3cb42dd38616da0283cdd828a5c40cc3042a47f5e13b21a16a258c0c2b97ec9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v52b3"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="53109609489_e80692cdd8_k.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4934
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:01 GMT

GET
H2 200 53130767380_f4d65e505d_k.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_rBbUNzQOKrGnEnNXZf8e_PGW0AlBu8wP84gjCIJdHR7F1enMaLQXgWdHm6xO4gYyrV1Kmcf40NXzqhlVIgiFHtKDLMYF7idN1NZaRyEcT1UsylwBcNu6WWwV6VO0O3oFPHkEYS-nsClGaRUs... 4 KB
4 KB 334ms
331ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_rBbUNzQOKrGnEnNXZf8e_PGW0AlBu8wP84gjCIJdHR7F1enMaLQXgWdHm6xO4gYyrV1Kmcf40NXzqhlVIgiFHtKDLMYF7idN1NZaRyEcT1UsylwBcNu6WWwV6VO0O3oFPHkEYS-nsClGaRUs_bBSEkZpqBCh4YAssNI_OhcVl-1R4ge-YMcMKwNGNZg/w85-h65-p-k-no-nu/53130767380_f4d65e505d_k.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

af70a40b1933f0a2f4b14530302e381b9e6284a0fc8dbeee1d9bef17da9bdc44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v52af"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="53130767380_f4d65e505d_k.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4281
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:01 GMT

GET
H2 200 52990361264_d26e0e0f43_k.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNJq7bWaJi_cCIWQ-9vaKKTOjn2s_-lWHttiwh6dUPRs2GXL4P7FLIzaul5tCFSygJJwBiqITFYtFb79tTp6Ay1pdtq4BWYzMuQy6voAbUi-STKSgRWofSACm4sOSdk2fl-6uqx4_jQJxX366U... 5 KB
5 KB 403ms
401ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNJq7bWaJi_cCIWQ-9vaKKTOjn2s_-lWHttiwh6dUPRs2GXL4P7FLIzaul5tCFSygJJwBiqITFYtFb79tTp6Ay1pdtq4BWYzMuQy6voAbUi-STKSgRWofSACm4sOSdk2fl-6uqx4_jQJxX366UNVXjhm7Mr1tNqsMkJQhQvc2DmmOjgwz9dauWxFH03b0/w85-h65-p-k-no-nu/52990361264_d26e0e0f43_k.webp

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

288f9a9a17d451f983feafe1450522095760d91396032bf872062495dd495633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v528d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="52990361264_d26e0e0f43_k.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5273
x-xss-protection: 0
expires: Sat, 26 Aug 2023 00:29:01 GMT

GET
H2 200 valorant4jp.png
1.bp.blogspot.com/-AtcEFW1JpYs/YHVHxAdhlaI/AAAAAAAAFq4/-I0n39jdGc8h4BG97td2d1c8aStuXVH6wCK4BGAYYCw/s1600/ 5 KB
5 KB 9ms
6ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-AtcEFW1JpYs/YHVHxAdhlaI/AAAAAAAAFq4/-I0n39jdGc8h4BG97td2d1c8aStuXVH6wCK4BGAYYCw/s1600/valorant4jp.png

Requested by

Host: www.valorant4jp.com
URL: https://www.valorant4jp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d1082f39d6b9107d39a7c8aa0af093942dd8a0ca7991d30c3d52d40cc518cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:06:23 GMT
x-content-type-options: nosniff
age: 1358
content-disposition: inline;filename="valorant4jp.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5426
x-xss-protection: 0
server: fife
etag: "v16af"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:06:23 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame AB6F 0
176 B 55ms
17ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 25 Aug 2023 00:29:01 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 25ms
24ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230823&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba1da6de2a3dce72b9bd5f169ee9b32165cd56068e6bc9f6a3ff0dc609cd3153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11787
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 307A 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 24 Aug 2023 23:22:26 GMT
expires: Fri, 23 Aug 2024 23:22:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0FCE 829 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1eeaafe4c17f27b565159911f954d9e99dbe384b733757d0ae6049328e576ff3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-itqaO7pu5R1kvaJNzb85CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-itqaO7pu5R1kvaJNzb85CA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
expires: Fri, 25 Aug 2023 00:29:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 307A 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 22:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 22:43:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0FCE 0
0 42ms
41ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230823&jk=2409868342803026&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
18 KB 325ms
324ms Fetch
text/plain 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2409868342803026&correlator=661751960376684&eid=31076399%2C31077354&output=ldjh&gdfp_req=1&vrg=202308230101&ptt=17&impl=fifs&iu_parts=83555300%3A22641570350%2COkuhira%2CVAROLANT4JP%2CJP_V4J_resp_all_billboard%2CJP_V4J_resp_all_footer_right_1st%2CJP_V4J_resp_all_footer_right_2nd%2CJP_V4J_resp_article_footer_right_1st%2CJP_V4J_resp_article_footer_right_2nd%2CJP_V4J_pc_article_underarticle_left%2CJP_V4J_pc_article_underarticle_right&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6%2C%2F0%2F1%2F2%2F7%2C%2F0%2F1%2F2%2F8%2C%2F0%2F1%2F2%2F9&prev_iu_szs=320x50%7C970x250%7C1x1%2C300x250%7C1x1%7C300x600%2C300x250%7C1x1%7C300x600%2C300x250%7C300x600%7C1x1%2C300x250%7C300x600%7C1x1%2C1x1%7C300x250%2C1x1%7C300x250&fluid=height%2C0%2C0%2C0%2C0%2C0%2C0&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D8eb31edb873fe1eb-22c784eb59de007b%3AT%3D1692923340%3ART%3D1692923340%3AS%3DALNI_MZ_YygWTqGA_IzlW_vcGIBdcZOllQ&gpic=UID%3D00000c67ee4fcd2b%3AT%3D1692923340%3ART%3D1692923340%3AS%3DALNI_MYBqIS7RshxbjA3M5iQX4uVN7mrTg&abxe=1&dt=1692923342237&lmt=1692915884&adxs=315%2C984%2C984%2C-9%2C-9%2C-9%2C-9&adys=90%2C631%2C2295%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.valorant4jp.com%2F&vis=1&psz=970x250%7C300x250%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x250%7C300x250%7C300x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C4%2C4%2C2%2C2%2C2%2C2&ohw=1600%2C1600%2C1600%2C0%2C0%2C0%2C0&ga_vid=964544171.1692923341&ga_sid=1692923341&ga_hid=2004088850&ga_fc=true&dlt=1692923340353&idt=516&prev_scp=%7C%7C%7C%7C%7Chb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D256f869e34eb2a1%26hb_bidder%3Dcriteo%7C&cust_params=url%3D%252F%26ref%3Dnull&adks=1376641682%2C1398092980%2C3872630840%2C4179853084%2C56111008%2C4060932077%2C2284956125&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13274959f276dada29d1a5009192e18eb041b2ce07b063a06d14a6598d3616e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18351
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2215 6 KB
3 KB 52ms
15ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
expires: Sat, 24 Aug 2024 00:29:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 307A 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vGJ89Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 227D 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
expires: Sat, 24 Aug 2024 00:29:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B07 6 KB
3 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
expires: Sat, 24 Aug 2024 00:29:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 38EB 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308230101/pubads_impl.js?cb=31077354

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
expires: Sat, 24 Aug 2024 00:29:02 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0341 0
16 B 23ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhjAhsHjATAB&v=APEucNWEvIBUZk9vf2zflxhu496vbBA814L6dGsWKzn_Wol5qscxlFPvpdsKnHB6DU8V42p-8NFgeYGAWvDU-6n-k9mAEwKDIw

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 227D 86 KB
29 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 42 B
63 B 42ms
40ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpP5VYYqIggPCb2ArbQUIZCheYFTIfTNfN5fTzbDTj64vCDO-SavwsyFnAIUMRQ_UjWz_TrOxub9EmXcmQWHb7scwa77fgY-0s-FTh2SvFeh5bSnM

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 0
20 B 44ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13411602840827961820&x=1&ct=76

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 227D 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:06:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 227D 20 KB
8 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:13:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 227D 0
0 19ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT9oJ2EWl7lygSzMWPO2bEpP5yunkm5bEr2ZkPmYKtrxIn5k8OxEvtbsQStv-YHHqA6vOIK
Requested by: Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 227D 181 KB
57 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 35A4 0
16 B 20ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjA-r7cATAB&v=APEucNUzCAY8pwFqpDu7IlFMt-5vMNxUyoOo1Fif2_97x75yifrzjsShv0nuymqGEBFB775NrZlwkenAO87-2MaTG_ECxbbGcw

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6B07 86 KB
29 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B07 42 B
63 B 43ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYqL5WhlhbAmCY0AFwfEUXuz0Jwt91iBiSe2gxr4Y2gvo9qLYizWFyn5HTd2Lt8Noo-D5Fz4RYYvddaN8oMiOi1PHlMzzbaWLykZ-y3fa-bjHKKY4

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B07 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11049926295367832075&x=1&ct=76

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 6B07 3 KB
1 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:06:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 6B07 20 KB
8 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:13:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6B07 0
0 18ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeWjQzoinNpJi3bNw96OzAievIjDkwtbWlBhulkXNjOidZRfDj5cNi18XfwfFvhpi4cwXI
Requested by: Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B07 181 KB
57 KB 62ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8918 0
16 B 21ms
19ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiaqfPvATAB&v=APEucNUyITYT4dbDMo8K1hft3g-_HSJN7WcJeMKOgj2dltTgxjlOLlpW5b6_wHN7pp4SwrLzHrXC2MUJoszr_HR5oHW50bUsEA

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 38EB 86 KB
29 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38EB 42 B
63 B 45ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AYVg08MYKh3E0FMBJkwoPEp1zGT781Ps8t6aLPXPKrt2gO8-uikEjf0te0KvyU1ESbTEiEjFkFKHCimp5dxF0qdgDeeXiyAqd-X8zSJE0hCk-lVLo

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38EB 0
20 B 45ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2315646240196151831&x=1&ct=76

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 38EB 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19358
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:06:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 38EB 20 KB
8 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:13:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:13:16 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 38EB 0
0 17ms
15ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpwuMIhQO8d5NTlWw-RHpTpJUQKM32zdXC1ovhk6Y9hN8M2CT-Kn61T9zZ6QHh3xmwIno_
Requested by: Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38EB 181 KB
57 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7928535014256&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7928535014256&version=m202307240101&ct=76&x=1&cor=13411602840827961000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 227D 78 KB
36 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz4mg6Up3nJZTmjnfqEgsIvzIzsysLne2Soufe1eFW9upABaFhBDNXkK9P1yJyF6pn7UXncYmTHN3Fc467dUvRaGm80A&cry=1&dbm_d=AKAmf-AqMJk8MdxuiP3-wL6Ckhzwh415KU67T5PDih6sAOxWbshACiFwBVrPNW1sQFbGFKz6PEYAkTV-olkfFaOVAc2mbLmtROjA85XLIUIyE2F9HssCa3jlOKbBUEXSAPPQvPBh_-gpQvJDvnO-Ksp5f8IYAFh4tjFivT7Hjm_uTGgdwkz0q8fgxxmStjwMS_4DaR2VboRyoa_wTEdpleU9Fc1xDCPSNy16kKahka8o7EmK0_4pLC3nd6SXIqLNbPCoZ8iguJfTyvSHsiIKnM3rnRY1wxBu-BIILfG-oa3dUFXPt2nssMFUExstLGNJcmdAezt9xazZSECYkL6ehmDSvQb9T5Ilh1qhfZ84B0Hy3j7GW9zVPcH1U1ceikUKgNj5ty5CRBig-zjTUcam_j0aqKJLpxkheztzCsaG692WGLp3FlCgi1YsdUtOUVYn5cu-cu9aoUfEsYnlREplEyjWpYwcfy7ThvXKnOCoNqb_NdyG4JK8Z3KBApSeVjiOEiYd52iw-EmVBmDvRQ9Ye10klee_FqEbmiKhbPZl6AoSBk_-h8fI1-Ybu-5T4_LOuoUct_EQykWYv_uHKbj6vvvaN7blQkzkiDx7ijcza0RslvCXQ8lQWyxhQj-3RCT0g5hwlLNmJcA6WD6RKhKDHgyZyOh2MLxXMyg8j6sw9H42J-y6atGiU5RbkJz93kI3VzVKTSp42RsNM8Z6byuFNE05YS8yAUxpvpxt3BEwh-L998OrmIrT3qNzLpLWIkAXuL4LhS_SKp_T9nvSE9-ZK3FfEUADCj0tcD3pb1eAWlcLKYdE0LhiKyA9-Fz5qIyYlFYehPLRREBdJiQKFVXD5AY2_f-or0z1pnVwT92PnJ8GmvST0EEtAGmMLxCtwJw6Zx4w5nPr773zEOtQ1caxZEnwC6oUwO1Ko7CjjIcKp7JyIIM-sufKjis-aZ5JDzD8Z0ffMuyKzt0IewWayLa1W-wN_2DxjQLv478OaNIba4qLRwi_ZFy3ichlXJ3K7DVboTTC_8uQOzTXsnVYEYoYyr-AvhfRONQ10lCro5a_S-cxkgyecryiExgxDBjmPkop6v8lTKWdC-wAKxDAUH4h4IPtKjHGHv-5PqsNQNePmP-y4TlaKOXR40xUOyUVn7nOtt6G9GN2txm8XvPwkBuTUVBLY4cSTyajUJWi1KiUwhtxqpU_zv8a1PjyttXVqZkLQho3DojNS3L-_JcCIwXzbifqgr1i3c-L_uYkikZQ7qId-TAeWZ8dfjj4Ix7dHWj4bJ-eEgLyW9CO_hCxAIZXrxMTcK4zxye9DlajpWKY_fL5hNRvT2r3FaUpgZ84rRpcw25DzM57bTV9_l9lQcPR1Mb7mSYdeSM68BtuzfOX7Tj6NSaIkGIQ0N4L23kQ09Kkn5F5ON7GwmtnBbiJq1TQ27vmo394HmN9kPtb8rSwinxMSvsk1doMxN0xxviOgLQmde6TvH0l7Wh_j96BJg1NxSkA1IdLKSoHW0ZZZT_44vjoxETtnrmwgyU_n1LL2cWKY4yb6ih-vAOTucVSRUduzrIJNKBMv73hoNAeRmnCpPLrptq-8KqmrT5N0HdMX1CL9wX67CrxrEz17DVQrqBrBhxpfHWGMZ4ju9RvksjbvOTePH0wrjlEe4OYukUdIAfu-orQhUTyotDBJUUq9eVApfoC-RCAUWyINc1ZmXFZm2IxW0KCo8vp2mK4SGMD561NFlYidrn0f1iTWoj0Qe7HD_ThXGmc7x-S-JWc6yAJYBBiUK4GsBqE_M4QRl9s0Dcb_qYgoymgyPC3ZdaRD4C_Qm7u32ixHIimCwq93pZrMVDgVA3AWejUNFsNTnTmbipjwf659_gFZCS2zKQPHrKNu0Xq_pGFPYCB9ddQnsjEgwYXO5hpkjNNkoCDO0RSeZ1xJFkieb3OlAt2lpnRZ3O8Xptjdi7DqLzSdw8zZcJmrFYRc3ZUrMduE9Mk_o0RAgMHNMiEwm5U1LIhYw_jrt2fJ4qwNqpYxaU9EF4BsRukDlLZr2Gcl_Eww-5qNzZJm19Y5zUTEwcqZ9W6VGg1xeQ4B84k0bMdZ2c3M7BZuB353YIGPe3Q3P7Cy7PGrlDjgj7Dm2EXYRGRS-bcBYlV2J7YfR8YKXUxJ_fVyDEb_0Jkeo-jYf1ff_k-WN6kPvtAVp0S6Ge4-YPsErLiYvZZTqbtecjMTZJ4jEHRAcgVUiFFXBkDbWl1PGicp6rvQWbqMO40WJPGbDL5PiWVMTVP3TXDK7Q-MrWKYMXZ59a9F_E51CdwLBw7c38ju1SxINAnm0Jx0vkS6wzkt5QNeT0rg9LtIAwJp5wCGEC421LWUWW078v1N0xQdPZe2-TWoK6Az33tPfDjkAeHYUe0AIdwAY3nutvYMfdJkBE3x_48gztUPrlS_31xoWoN-YvFEhIWV8geKNVu7SKMVn0TSoACRHg1FJUb5XU1XqNi-dgWDRW79b6z-6sgeH9gU7_n28WpmeaRqWBLVbs5DU6xNOSGpUEbn9sVDJX098FS0rTDNWqeREmL-V1G8xGdoJJq9BRlrASfhf-fW7EvzpjoYkdXmycegB_n3m-z9K6lRuml_IiLNIqVqd8KNDI0f94JXTR-WGR2bfjZHMr-ruLh3ojVUhWe8zkJCXJGr-AOF6j4a1t_HwgXKx5kr0G7hMwi1I64hwJpT4VDRSayy8jdSy0ddZgK3aFS5t1ASmPxEtgGHbmPEn90c0Gksw4Hik1yJdCGKkjUuhTHPyhDBSdiaY-ddYUB5XD9SVxZDPJVcLWtGgRUkhMQa6KnJ14fOG-h2TxL1PKCFXfn1apISoau98AS1zhBBH8t-pEkGKgIQ958uGA7W1qwN1X60YanSaoIm_hJypRN7Um292ZQqsGUqfi8RNhz5ExGKMNeGSmjCg3ZmLP8iT5SoHjO8YTF43Cst8ALr5cNK2xOUWeSy9Eg4nbH4NS7hnOLTdWXxbcLVs14cG3lvsUB0OPYohcoEzq99lSLOAWUHoxgEc_odWycww589DcaYivesco2qQYqx3xvnhqfLxED3YlqftowgWFFOE54KOwMkwtOrBa8Wwd7tz9gQXvDlVlbNfUiAQct9_J_DyD1uA59Jy9KfgFPlEXwN-hB0zDlywN_Dg-PbScojnKqurp9DMT6z-jmYRDT11rqM7i037wA9Q-PQTFXapzIR2zchzsssz9xLlp8dItrxqiULKqhmtqTJ6a4lRh1nLa10wkZolFXFcsLm-MG1d5FVzl2tMglPJzaeprIv6bwfthkk0YOxUCIVA7gQwvviK05MhyLuMI2x_R7RGXoOIBAsl5zCY2iKelDPZ6pZBla4PGI-JMsrqLkRsCe3NMuXhpf7nddy9VFh4y0mudbxsXgJEKNc8Bl7_TV8hcXPBbRNMCbKm-mMwWDhy-8N3ybNDZwov6PvCODrXr9FjXUlYFkMkaFLcnjnpcPkpRRf-iAEPjWm9Myu4UQPadMR2XIuMw7p8INc33MjWfiucfT3dGfHb-t-_ZFWiyAqPR-rZwciZAiGhkQLApVy9_MAWb9EloQKsi5s8QvUeuWZrHF_cX4AqOxdNAHSIRZzIx-N7sKRDIPTby5OaqG_7z8EUlAXrNH6qzaTdx9xGX9lSxAq7_iAZeh5XJBNWyzQlaO5wpzSxbfUk-GyFlElfDfG-tBDrs7fQ0SEsITSrTzuj_hMqY&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.valorant4jp.com%2F&ds=l&xdt=1&iif=1&cor=13411602840827961000&adk=2857193498&idt=33&cac=0&dtd=36

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a82cc72b1d52bb8f56d39353e91e5d116c1db4e2b0ddd221289114e3a996ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36938
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B07 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5581594253983&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B07 0
20 B 40ms
39ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5581594253983&version=m202307240101&ct=76&x=1&cor=11049926295367832000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6B07 78 KB
37 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9x6K9IBq1HTiUWVag4CEZkAH17vfA49PPm9AVrXW_n0jy8J37UPGT-g38SaNvqRc1D4o2THTjcvPAeShvULQgRfSffw&cry=1&dbm_d=AKAmf-AkYm2ZxorWTdhrU8WyM4vkgXSrj96zCZ-ULe9EOUjiJObVDVkK6DDRlFr7opUHlIpc22FwsxhLMAYFA2r3PvvVaUv4MpYUTt3_8fZNrsgd_HzT6lsP_X1LzO4p7g1alJ3KpGfphApH70RY7LTNdhs_ipXkXpeP39DgD0AexgvG_1edECnWVs8sXpOsjfMjzT7y2b-QaN9F5TaKwzG1wv8BiOOs4KAmTvSnrTm8KPfUnaGPm2bR8vVfAyTLZtqX4IozAJJUV51jO6tE1VnkXdfskpf3YSPRa1-l9gu04xy8PoB71NmXLjvWpLgnKzl7lrv4waCpUgQI8V0naYbMANKqo7XVuavSq292iFVBvK5yKPvaEK56JYTzBJN0Fe7ayxaK9BCNBu0y2D0tnovhBoYTLC2ftS3u5qEu18utmWFwNASVMAO5aneKPi00lxy_Iuzx9Pon8jLsX-jofctfI4RXh751tpYfRiXYG2CpkUAXqytuaFVyDF8Q_GsVX0-Zlj5ozuyq1-998g0eJTydZ4ZYIV2XcSkCLAE7B-TJvSBwSo0qdOfj5h5awVLUIfhLTvIOcZI3074aQt6zGo08MIG8VOMJZOE5Vl4jYn1YN3WGHi4UpkkcnlZomhMBmi6BO9xrk_Vg-sQMULwSWjov4zmpBFPL8ySB_t7nJDGZR255EJB7N_wK9jOy1TdmhEJuJ_-MAn_BpsD_LVTeRXZZsOwn_KuPNNaFnCIqXAz66VUMRk9BDkfgO6p0UmtHzeBSewrWO5YqkhkdJFadkF7Kr-RymgPd1NoAxDow1pnn6avWbkn18dP2GA9lhiopw4I3QctyAqWDKvUp8jYXo3Z-ayC_2l2BykPEP-ErPDQyxNpBGYlaherLu-Si0fK7FVtqOU7EghfHp1Vds8c0uBTe8-mEf0KlZwgjNhOfFdAYWOrVybXeZBk4vIfpNe9PmWRyjfTEXlgK7cMNcHn-oBe4T_SYT3y5qJunvo2yxFK69uQlm2tIutw2BcEsE78GERIFMmyKkWp3UunvwboFYzzzCLgCJaAVLdZnID1UUhOc3OCu-8NT0p9MbEMpW1maM3mHIEfglQtRcUoU7SpVEIiGAjFoFFCfPlxWyz9mDayOhDKluqyWNs8R7JQvs0WPAKOHKidLJNMrCIUIxdUbc22ewwUGhHeImGzuQAeSyK1A84EtUPFAoRY16o2GQ_Kf7RWZnUwWKPiiuuWxziHkhMCe4j0hurMjTAY3OBQZk6QLQto_nGr26hhc2KhWsUdaGTWM6IsvNiCONR0MUMD6Ap3pAw4zgHLhPVbl0Nt7MlblJkYl1jJSPfZtmuvJbiRESrYmcbhx_ebPdaG5CTwgUuB1VHDR5Xd0iPs86Aow3okKZ1whpSGOInYwz9fjzTMunLwtDtJI_dKN8iD0-jIYZdkEF7LfnnvT8hIST9NHQ8EiAUOfiErvGnzLNrchASLsRPEgRXGVPx_uKd8RlqFm0lNRuqzOz4IOZyrXY7uggTd3fu7kbj39-iczAqZ3CHTbedY39q5cdKA2xBDX8723TO0l3aKABX7-5sjg_1uifpvrqW_U4Tcbok3RV2maNKqTg1RjbtB43w-vsJUwFpCMkA3zPb0CZFfUJkJBZc7gvczIYo7g1uO6-nfg9QGXY6GzVwDp3Re3qU7NujUgRPk9PFjkVLWP6VoaiGm0SRqBxSmMBSEPuHVO1vYE0Z49nS4RA33o16jCTMmVzSNlupfvoSrVuvS5sI5zlFZrVswTf6AqA9YIm8yryTt67t0h9Tu4qO3iAfwn-q_iwkDbe8dV8_afte9uQ1oQC3ztJ9OK-bwsy5CUo6S8LETRqfpt_gHNy_evqEczqL05Vp19fAP_LKPskUs4JrjMhIhja5-O8iHE6y4cC0Ygs0_uqT91pEuMDPDSmwP1ovbtSSrpJ7E4tQjHTaF4oJGUVEJQVa5wuYNszF-dxrDz6iVXM6C7QldA1mUs4CPmE0J39X705Vq5OV6NolbGrf7u4TkT6n969MZVQ6mhlEwShwiZ9XRGm-PBsLRNV_v7nbCKwW4YAhuyj7VM-xcN9ZXUnLK60jiGWKxH_eSO_kOakBS1R_WsDc56oGHKfxjB7bq6-cxS777elq21D1a1djfaaA8y2IAo14kDZz-1B6KnlpdHf4lVNmIq1dCea6oDT4qr3yUjJwPkJcH5Ta7VmQ5e2ZqGyHrrv2Ygj7Waq63F9skR_Cw5d2Qdpp6xTAh8_7EQ5ucc-BgMoVTQUAWR96FlOTNGD-MAQuZ5S6JR4DBRZcBaMITV6GZqrskUDeQCirYA399ajnoOsvMqgBpqK0tVo-a9BKJ04ETKUcBscRAxxuFoF4VIAhdJsiVpqSu1ioWDDtRwYnpEl6LRX6cxglFxAxenZx-LYOnwrJ-mpb8fuqgmNqBLCqHu8bdHokq0Yby9hTcklqLBcce6aN31VDVu8tbt1TDe4QH2gwUNvTKVPJPkpq6-gF0T6UR5BdiUrdxkgwWEycxRXfkGIMN3OGoCYspH-LEaRh_rmDL3YiUdUZjehUl92SO7yq5rZ-xU79W8uIp3SngbuTARYD7KwE4KSAMsKodkBHmLUHf8oa0LEl71gu91znhtR0GuAN-85dUgMZmkB507nuSKhuaPoUOhwL2QdDt9bZE5MOOdbEWNhxMEhd0-VzHMrrSnSTbg2mLEBI5ZH0uwbaWm8jU9Of3yC5FOH9IPGlgLw4sCthSPYFdmsHQ6E0EIK4ZzBuGFqKcNUb0XeV_qq_eeD5R6jAMcqEc2Bv8XhQMtPGKTW8I4QUqFQuWAi5Ez9XGl0EiC2X-XA9Pe8yWynuymsHwnQTbhJ6QwEgLcQiql7GmPMyr2iPDCkzUpv1KiTcq6oQMfuhZeNGcoBEX57noxBmVZ9HUHtDq-1NSX4EwsqHd1u2kTyDnLsybX75Bfdf24h3vp0n7EUeqTCFbGKdvBOWBzddlHbhUEcyu_WvizgZYDBP5fRIZ6ajGKElFvcfxNo-O-y9oI2LD72BuVSPVf-vYD3g3vSk4wSo-z27UTJNmqTEXagzH1FfGnIKILH2Zf4nt0tWF_cS0u00l6gSreD_t7KvvUe57AOkdyz4-RGVEH364CQPO7pTK62PGqF-vFxvSIOUGFO_xH7kkoxKRFT-x-BZOgtfQEuQfofCAOK1fopU7hUS3_jgLfF7ZW2ureP9w_Jwn6xxbqnyumfw6G4d-j8KJKGAWcmF-WaAA61hwhdGOMpED65qU8dlIEiVb0QtngW04dt6Kvu-mNAHUo5aDjoanU8YJka9sYKaf07zbiDZyB8a9FviU_mTxY7gHbbnStf-KQ6ZykdiVLq-U9G4nNpoi4QlTSnqJWb0x2Jvj1t-EKRBm7Z7nam70jtqKiURLNDxwsghLLGWuFEtidiWGeOB30bwJ57R3DSnRKRzryY1n1ufSg74PyYHyR0MnJ-d4leUKmej355R31bneJWtPMLtZ2B2W5KRsXCNjwAGuxThzLMV7REE6HUeCQBCUhYnVdltNv7P0J_Xietu2nOmPEv4HpvJPIIxgio0_VQBxDrFmGoFcp1SIgWApJ2FUjj9X8nMLgFTLZ-1vGIRmrqwCx-yUj2pQksnBBb4-8d3e9wwCbdhK6pinvILbFhO9KJXzuQFA4_86cNtp7NjXnNXEWkza3_MGZG9uQoz0UmGHZNOBYY8xAgHvJPGb8aHDoh4Nsx7tQXEW8n8h6bd-ka8ljrqsTyU3XKVWopMqxT3Oo21Y6NRo&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.valorant4jp.com%2F&ds=l&xdt=1&iif=1&cor=11049926295367832000&adk=2086295851&idt=44&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d652b912906be1bb8411fb16538c4ada6c51e9b9334e21b7c86975d75812391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38EB 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8783525220576&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38EB 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8783525220576&version=m202307240101&ct=76&x=1&cor=2315646240196152000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 38EB 78 KB
36 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClNA_pEcGdzhf-mk4jweeq50-YL65RgjDPgaAkfyEuj7zM111NOftsY21p5_p2zCwm-SD9L0FLcO4b-NvMTP2Z2_GvAQ&cry=1&dbm_d=AKAmf-DGVqZpW8gJzu0cG_XI_Rvgr3YVaPGepk17HSBL5VvHVMB81gPmsE47LWnlix9ekD1BmQYzwutcDDJDVSp7arrCMXpSS4miFwohBscheOQEa3DEOjC8UYUlov0gtU1qWBDXgeN3xhVTvpFiPFusS0RYRQNWlaRe675PZqBo_A8mGfKLxhvimb5KhzH3TnaQ_JZXIgHgdM-C_v3hW59Mmr12W0uB3tob7M8_1LANoBp5xp2iUxUsEB_-a407EU3eZusSvUbLZngnUTtgnZE_qXkQiScVOpUhtix0we-5wgah8eV_vFGtOH6kcUNgSzW_AWwRoUvj7Iz1nPa8jzWjv-ByqtlNzk72q_yOE4gbTxMSel94U5RIH4r315dVxZlP8Lvi5EQa5DVq6z-Hn68Mtzj-6Ex7chnK8BQE5mXDHOhDGPxXagWcqwn8R7ofyi8udGJ0rTPnIOSOsLhfbioB-ueHSjlGuLmGATQaGktr7TwXVtLfVUpPdGADKVsQOUXN8cSdWJ6FXNtrM9RbmCsn18zwYUG7gLlANLAXJMt--fPCiIwHEQiBjIfnYKDPN_nO0m-NZMB6n4CydFd5gTAkwn_vWrP0s8VxEy8lL_CwuQDEhv5A2xrCpxyMQ-Tf_py_a_UQO0EkCtd5ylh-MR8bbencBdmNHPXnYDyoFBWQ__euNEhZfXaNCY-QNgM9HqaKmDM1gAgE5V5jGhsWTNQ0BDvheAYrckZ8HW9s9cllKANEkNiVMCap2ctZhm42x3IOPArda3OhHzPITrOhnpvlsRCUOSpzhHGAQHSqQg7xx5MWKLRJYSUPGIwQ3hjDV92c_p5IooEgFunq5vu8G3byGrtE7cL3vs1jL4kKlVvj53_044LexkShaeZJcNJ8n1HemZDsEUOebOs-JM0yBebFVQp5Deeeak783OqQ43U4h8Zq1rXF1vwS2S4kG7mGJxObkWECKSJPhfSXEQ_C-sH3ei4YhCTiww3LYK5A_Zf1ONLYKtZ-S8cx9xw7ILzF1YYY5n_9s4DMhqJcKQ_xzowLjiyQjygEXDZGFKP-vtGOjPKxpt1U8DpzhBbrzIN7YrnFuOoGjiSJUB2joybEtGxhq86aXGuFAg1_4jiW2gF2-w8FNuea5pt5vQ8tK1V5-P2zW4Ixgg8tRTLh6aWyGiVk6v0c7JdKDwJrgf67N-5-npJ0LX4HSnSyDSNWpQYFjNtQCAbAjiQcrYr4CxyPyDCrBZg9m6mJFNun4vNNuWK9SDLN98-8W4eRvY5BAC05QT5lIiGCJ_zjmllGx0OTlA_u1nN8Tq52O_ct-Qv2ZjY0ZQhRZqRPoPl8-T_V96f-3PcPGtEh3tu8lvJotcbTfHYsw-1OU-h-UEwz7oJ8y9GWUPF_LYQQS53f6giq4a8ikOo_gaZ1U6VhQgg2v2CiIT3fuYq07tB7UckdR4KiHAKOvLIQ6SOqnfTxpjnetLxu9RNh23-ZZsmUXVR31BXqnJVjrDB0tjF3dK0wgDsP6BHzudVOY2SOa94e60qZKULWSilTsaOOl145JuH0RUHJQKFrFcGOV1VgNOerPd-hw6YdJ1TuKnPXs_zVQ7yBQiMpAH6vqGkiThP5QnTvjb-oryMHDcxXJ60pUPNyUN8OXvCCF73qzSiMnjUqxmh8ipts4jSsrPS2Il-v1fcOpFEsZiztF3JxM7FD7mkGiWAfJWlPvdiLQl3ObClwRa7NKH5-OEGybOjulVByTsvDEzuZj54tqRIoLIL3KDR2OJ09OS9fpFf_6bOTywn9ch8PsmWS7ucDZ9KAFR17vi-Px0T6v3ZakTnTaQIaO2RWbmzQiGotRlr6uEX10KL7vduKL4z9d0tppF94DiML0dHuMXi-qZu6o922-GK8oh7f-STcvIWelmMyrZiTfSqZALjFItWeley7_IS-1Nmg9RvarnIwH4hSbE_SoJ82JxzYBmx2vK_qjkyHtjcMIgW3Le_M4KFzLt2ukZJHPd-noSlQgD3m1Li8zqLz6u4fy8AmYD7BfTNgABl-Vw1uHV2ceovls4YfWLZiNJfCj4sN8q2c4tXC5dIwzkSp_RTJZHEJQCvU24ALBlR3g72Ax9UCfKYAEWo4qQEIX4mQd3D-GdOoFors89l4nc8yc91IyplBb_MCSE2pAgHBVxRasn9iG4C2rSVinD1xDpjGKXDe5lcsWnqjCShuYoTi7ddERgWJRE5PcV764rbFfvXxjw90BzU6ZsJjko2dBTDGyrFC-5_-sNy4NnU2A-H1S0HoEpX1FaXQpssIjfbU6TynTVy2P2o90DUteowk5aSDPQGvY1TMCEmxdC5gVlj-HV4iHIhJVL7u0EGOyY9nMfUT1QydX01Z2U54mD9IXosIpw8wRykZLK6TzObC5YfVXJP5oYobxYwvqBSAKJ5roYOLpHISYQvtzuqM_dNTOLJ2aSEOkWhwqqsRMREPhCsMdvJZsea0wgpqHEKPfvhsNOGxam9Y5_8zMw0J_e1OLFHHotTnGDnvq2iSzgRkhpS8pz5z5NOpD2BwiGmfDCBeOJr7j9nMfzn9Khr1I8bheDUGFE3wS26xPmgytzutv_qz8AHjXQDWYYFSv27UBPH3Ejvw-W5paPPS1n1H-SNeHy_fKYQRqrhim_QSH5jqsmbnzQTwEcTNpWOeJTuKsYBtNJhmGy26cXUkifosZPorMRyR220f_uV1RypmSgJtUc6IF1X9XhSXLYAV_pXOkttbbj_WvFErXulgbmAN0iKvqI3CjkN8tDlyQdrz0IZYk_y-BgAAvjNkjq1esTGs06GPXu3jjRsfiqJt17bzRo_RU9EsZMQBKgzAacZVsG9BBaSQmwU4CC27nObp5E0ymVIy65_uM3QBiT-eXKrO31H-PP9SQx07En9iJoijUNxhURtaSBf8W6lbCVoQxeT8aBZeKh1LGDIFI5F3oK1brc9ZysYBKb9Jo7IK8NhfOX-AGIWtCELzTjEGGjZDiDqfurkiW5EM_v53snXNWqJ3vE1IvuWqJMrHa45GeMoOnOKbd1riJFarKS65Zlyrbe3v6SfvUS3hezuGKQfHZCIjm8AQeWiXHAF37qNV5_mJoYNRAJKfjXtHiV5-zUV31X2hJdGjqeA7dZqLPBdswAtu9JCMiGJqyeYTdTFw23Ra3i3NDw3HRWWDEha-RIbyZayzNZr3oOcEht0ZrNQlSPNPAlAlTCoURBfYDg5m1wUd9YSl7ZOULA70-Eqv3i5_5TuliV-aWb7xJh8-VWnwVh-xHDsMZtXu6etfJDrT0PFDzr6vjJPHg5Z3zJvUZfrhosD7XGMbM2Z50UwVaTutdrJXiySNqvx7HaaGVmYu92q4rpiTeGMnmb5-oSMtqT6Z5m9i7YEx3fz3gloloa6G32V3gwc2iqeY8FHdizfHArF-eh1_1ODm9pefzGXDrqtP0AGpM6_kRlLo8TupQpAe3zHnjGe2irpCZxkTRmcm98Pcns_X2uABKRNPxLfJ07BXoJrS_9DHOF4bHJOmmmJzFgXjMsDLyNmvfKSujjMWQMzQ7lGet3sOpirEhtc816WUJ8eDdQsYxi5_SMe55MdTHIUkojusERyS_TB0Sw3fMsF3vZPUAgUD-wjbfPj_XvSrkbSqlpaYZ7JO0El27lXrcSvlm0O_NKgKVjyYioDi7kD3YXYElvzqMikN-fsz6025AM-i-OMBL9Qfk9H6u63M9W5ClDA75jdriWUr&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.valorant4jp.com%2F&ds=l&xdt=1&iif=1&cor=2315646240196152000&adk=3944675600&idt=39&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b14bd8d5e0f3c78357bf5532af9aa105c5c0c213b7a8709d21fa3329a0e53bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36971
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230823&jk=2409868342803026&bg=!Q0ClQA_NAAYkVgHwBFY7ADQBe5WfONxr9HqovucdJM5XBjOaEMOEG_AbzVnizuy9pZgY9HM0IpjGuP9-wgnJm42yFZq4AgAAAHBSAAAACGgBB5kCuuxjkt0Azy2St-KNkIzOmPjYrsjLuEfQF7HanXv0gkfmB-d3_M-hXY-BBkAXCnwsR-4s8yHdsQ1eYPd0q6F6_P7JXrmBYpnlzj3_S8KC0JALr8A0603gdw4KTPzVu-CEPPaPFMeyD5c9JQQ3fvdyFaga5xlJY1C6Nfv-iw9lNlBGZmf-tXcGtPCYp-Pb7HW0uk9W3l1SlsfUCwWjTTTFxdGGtzG_tC3i11ZvbmPtHltACHbtc5f5yG5izT7i2sQ33OJR--Ns3e85utwo5w9Ek3Y03_ErqVvP2BxozTq0IuT_oqLrz7GxR4_pxDLsBREv8VpaPmwDFUl9SxWhSTpJIhi56v8FfFjKwKgLTdtGbNHOibvRBalfFvZtq6W3UU8PqLq7YlwSgzTAXhqmuYRZkPJisQBgaOPo1TutPAhpq1-Y_jafe1Af6K0xctSzEOhRip4n2JD1GuyJHPs_MM6C5Nh32qHGDGW999yL1OFs0RX5JCEB2GPSSWaC7mWT_udJFvfh-XYlOaZs3e88J2HiaLpPvQ8filsheMFoRRQMFx2iuoRDOBs-Wet9Y5jRvlbYi4a4Cbiu1qbOrd9S30c_Mi_ybpaZ3syUGhraKwMb9KR_8KOSctAkzSLj6UH0MModAQ79olhSkz3Em9bj3E-GI1eiAh_XMJcat8H_bq3IxXIVy96rN9OI4TnGiASXtjX4jCvTpXZNqScTtHIClnV1KNe4se4fM0LLO_1SiOULR6OGx1MaetZrcQivDwSYTBXngFx-qR0tlnV2Ah9inY2lWe-Cv45F8oUjEIGhaHVRL_08PJpUVsIzHWAZ1LbA33cUyiIETs1bLySmBncfyF8_c9eTldOqCm1UmN8LGb8-Yz6ruHNfVbdFAHlLnPqFxdeTcKETc3g1VFrSaTe7HhE4FlBFcufLDkwR4e4p
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 6B07 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9x6K9IBq1HTiUWVag4CEZkAH17vfA49PPm9AVrXW_n0jy8J37UPGT-g38SaNvqRc1D4o2THTjcvPAeShvULQgRfSffw&cry=1&dbm_d=AKAmf-AkYm2ZxorWTdhrU8WyM4vkgXSrj96zCZ-ULe9EOUjiJObVDVkK6DDRlFr7opUHlIpc22FwsxhLMAYFA2r3PvvVaUv4MpYUTt3_8fZNrsgd_HzT6lsP_X1LzO4p7g1alJ3KpGfphApH70RY7LTNdhs_ipXkXpeP39DgD0AexgvG_1edECnWVs8sXpOsjfMjzT7y2b-QaN9F5TaKwzG1wv8BiOOs4KAmTvSnrTm8KPfUnaGPm2bR8vVfAyTLZtqX4IozAJJUV51jO6tE1VnkXdfskpf3YSPRa1-l9gu04xy8PoB71NmXLjvWpLgnKzl7lrv4waCpUgQI8V0naYbMANKqo7XVuavSq292iFVBvK5yKPvaEK56JYTzBJN0Fe7ayxaK9BCNBu0y2D0tnovhBoYTLC2ftS3u5qEu18utmWFwNASVMAO5aneKPi00lxy_Iuzx9Pon8jLsX-jofctfI4RXh751tpYfRiXYG2CpkUAXqytuaFVyDF8Q_GsVX0-Zlj5ozuyq1-998g0eJTydZ4ZYIV2XcSkCLAE7B-TJvSBwSo0qdOfj5h5awVLUIfhLTvIOcZI3074aQt6zGo08MIG8VOMJZOE5Vl4jYn1YN3WGHi4UpkkcnlZomhMBmi6BO9xrk_Vg-sQMULwSWjov4zmpBFPL8ySB_t7nJDGZR255EJB7N_wK9jOy1TdmhEJuJ_-MAn_BpsD_LVTeRXZZsOwn_KuPNNaFnCIqXAz66VUMRk9BDkfgO6p0UmtHzeBSewrWO5YqkhkdJFadkF7Kr-RymgPd1NoAxDow1pnn6avWbkn18dP2GA9lhiopw4I3QctyAqWDKvUp8jYXo3Z-ayC_2l2BykPEP-ErPDQyxNpBGYlaherLu-Si0fK7FVtqOU7EghfHp1Vds8c0uBTe8-mEf0KlZwgjNhOfFdAYWOrVybXeZBk4vIfpNe9PmWRyjfTEXlgK7cMNcHn-oBe4T_SYT3y5qJunvo2yxFK69uQlm2tIutw2BcEsE78GERIFMmyKkWp3UunvwboFYzzzCLgCJaAVLdZnID1UUhOc3OCu-8NT0p9MbEMpW1maM3mHIEfglQtRcUoU7SpVEIiGAjFoFFCfPlxWyz9mDayOhDKluqyWNs8R7JQvs0WPAKOHKidLJNMrCIUIxdUbc22ewwUGhHeImGzuQAeSyK1A84EtUPFAoRY16o2GQ_Kf7RWZnUwWKPiiuuWxziHkhMCe4j0hurMjTAY3OBQZk6QLQto_nGr26hhc2KhWsUdaGTWM6IsvNiCONR0MUMD6Ap3pAw4zgHLhPVbl0Nt7MlblJkYl1jJSPfZtmuvJbiRESrYmcbhx_ebPdaG5CTwgUuB1VHDR5Xd0iPs86Aow3okKZ1whpSGOInYwz9fjzTMunLwtDtJI_dKN8iD0-jIYZdkEF7LfnnvT8hIST9NHQ8EiAUOfiErvGnzLNrchASLsRPEgRXGVPx_uKd8RlqFm0lNRuqzOz4IOZyrXY7uggTd3fu7kbj39-iczAqZ3CHTbedY39q5cdKA2xBDX8723TO0l3aKABX7-5sjg_1uifpvrqW_U4Tcbok3RV2maNKqTg1RjbtB43w-vsJUwFpCMkA3zPb0CZFfUJkJBZc7gvczIYo7g1uO6-nfg9QGXY6GzVwDp3Re3qU7NujUgRPk9PFjkVLWP6VoaiGm0SRqBxSmMBSEPuHVO1vYE0Z49nS4RA33o16jCTMmVzSNlupfvoSrVuvS5sI5zlFZrVswTf6AqA9YIm8yryTt67t0h9Tu4qO3iAfwn-q_iwkDbe8dV8_afte9uQ1oQC3ztJ9OK-bwsy5CUo6S8LETRqfpt_gHNy_evqEczqL05Vp19fAP_LKPskUs4JrjMhIhja5-O8iHE6y4cC0Ygs0_uqT91pEuMDPDSmwP1ovbtSSrpJ7E4tQjHTaF4oJGUVEJQVa5wuYNszF-dxrDz6iVXM6C7QldA1mUs4CPmE0J39X705Vq5OV6NolbGrf7u4TkT6n969MZVQ6mhlEwShwiZ9XRGm-PBsLRNV_v7nbCKwW4YAhuyj7VM-xcN9ZXUnLK60jiGWKxH_eSO_kOakBS1R_WsDc56oGHKfxjB7bq6-cxS777elq21D1a1djfaaA8y2IAo14kDZz-1B6KnlpdHf4lVNmIq1dCea6oDT4qr3yUjJwPkJcH5Ta7VmQ5e2ZqGyHrrv2Ygj7Waq63F9skR_Cw5d2Qdpp6xTAh8_7EQ5ucc-BgMoVTQUAWR96FlOTNGD-MAQuZ5S6JR4DBRZcBaMITV6GZqrskUDeQCirYA399ajnoOsvMqgBpqK0tVo-a9BKJ04ETKUcBscRAxxuFoF4VIAhdJsiVpqSu1ioWDDtRwYnpEl6LRX6cxglFxAxenZx-LYOnwrJ-mpb8fuqgmNqBLCqHu8bdHokq0Yby9hTcklqLBcce6aN31VDVu8tbt1TDe4QH2gwUNvTKVPJPkpq6-gF0T6UR5BdiUrdxkgwWEycxRXfkGIMN3OGoCYspH-LEaRh_rmDL3YiUdUZjehUl92SO7yq5rZ-xU79W8uIp3SngbuTARYD7KwE4KSAMsKodkBHmLUHf8oa0LEl71gu91znhtR0GuAN-85dUgMZmkB507nuSKhuaPoUOhwL2QdDt9bZE5MOOdbEWNhxMEhd0-VzHMrrSnSTbg2mLEBI5ZH0uwbaWm8jU9Of3yC5FOH9IPGlgLw4sCthSPYFdmsHQ6E0EIK4ZzBuGFqKcNUb0XeV_qq_eeD5R6jAMcqEc2Bv8XhQMtPGKTW8I4QUqFQuWAi5Ez9XGl0EiC2X-XA9Pe8yWynuymsHwnQTbhJ6QwEgLcQiql7GmPMyr2iPDCkzUpv1KiTcq6oQMfuhZeNGcoBEX57noxBmVZ9HUHtDq-1NSX4EwsqHd1u2kTyDnLsybX75Bfdf24h3vp0n7EUeqTCFbGKdvBOWBzddlHbhUEcyu_WvizgZYDBP5fRIZ6ajGKElFvcfxNo-O-y9oI2LD72BuVSPVf-vYD3g3vSk4wSo-z27UTJNmqTEXagzH1FfGnIKILH2Zf4nt0tWF_cS0u00l6gSreD_t7KvvUe57AOkdyz4-RGVEH364CQPO7pTK62PGqF-vFxvSIOUGFO_xH7kkoxKRFT-x-BZOgtfQEuQfofCAOK1fopU7hUS3_jgLfF7ZW2ureP9w_Jwn6xxbqnyumfw6G4d-j8KJKGAWcmF-WaAA61hwhdGOMpED65qU8dlIEiVb0QtngW04dt6Kvu-mNAHUo5aDjoanU8YJka9sYKaf07zbiDZyB8a9FviU_mTxY7gHbbnStf-KQ6ZykdiVLq-U9G4nNpoi4QlTSnqJWb0x2Jvj1t-EKRBm7Z7nam70jtqKiURLNDxwsghLLGWuFEtidiWGeOB30bwJ57R3DSnRKRzryY1n1ufSg74PyYHyR0MnJ-d4leUKmej355R31bneJWtPMLtZ2B2W5KRsXCNjwAGuxThzLMV7REE6HUeCQBCUhYnVdltNv7P0J_Xietu2nOmPEv4HpvJPIIxgio0_VQBxDrFmGoFcp1SIgWApJ2FUjj9X8nMLgFTLZ-1vGIRmrqwCx-yUj2pQksnBBb4-8d3e9wwCbdhK6pinvILbFhO9KJXzuQFA4_86cNtp7NjXnNXEWkza3_MGZG9uQoz0UmGHZNOBYY8xAgHvJPGb8aHDoh4Nsx7tQXEW8n8h6bd-ka8ljrqsTyU3XKVWopMqxT3Oo21Y6NRo&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.valorant4jp.com%2F&ds=l&xdt=1&iif=1&cor=11049926295367832000&adk=2086295851&idt=44&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:32:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 6B07 11 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:30:05 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B07 0
0 98ms
53ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZNgh1B9b4rutyIorny6e28Tcd79S-GNVcN9GTOvHX5JPpYBGL8O0GdDWUKeB514j4STRuHe9c0t8HeI5PUrFm2jiC6Pis-kkqz47NTmRAb50KDt_V8CewN6UhzyM_o055f6jwhbtn8n7wlFmdY8RXx_YXH_6fUyWHxN0CIAO7cFk98WiTkUxzivAa3Ft3KcImrWHlughDugjMDARsYSk4wOmVyO9wgS7xoM-56fLzObrOKeCQvBRmfKjDu-ERAYdSNERCIzWhkn3DKgvylO9VdYB7zmtWAmKb1eQaXlwvB5UHfQB2JLU-aYyF9Kq-4FRihl9aqbKOoAKxqh5AUvrWF2MekdzqMiQObJgrrRk2HlL0XNmrlYfJhNA0xffb1bBmqs-SzubTTimJsDdbC0tcZFTvTHBlWkA9wTScmGMo1dJW_DLZC71kafVDnsNV4lK0KuIudJ1mTZEtGuBenB1MpsmeVTY9gJL8PgJqXNgwpI-8EFL239PpYRvCbTXM4LxZsD0EfXDkbfP-jWm77rDZbqNjatPEMaWB3QiXIv2xSwNdQGz0BU0L5bYC4zxclHJbEeynBy6T2BdBTlzNVYgaF8wo2FQgZ9URXwKz01AyyjEObmusWs-18M6_di2d-si5x7jlwXvXQk1esNJ6JrI6q_BjkejDHoF4SK2YPdYQefUyL15e3m58SskgvuVmX2IWOnJBFRPsxeHkEchhc84WD_Sr2FrxUhgumNU-KWq9w-0oPG3us-WXSD37vjDSoicPbzLVFwIal6C62oLmBnMyiQjyRZZFue6UmckSw2_o33MwSzIAQxsGyBhDj9ze-ZeXfdU4OgIDqRnLn7a0LQsTmrjKhprwJ-XvbEDW0uSwdHkBhGraPKsH1_t--5fVfgmRRahwc1rX2pzHmYXouKXHbGAJrZsISKNVxebAWPhaJvjHPZeODY_WxrSXHvweHMlQD1kkE2jXHmze3an3lxQnvpVeARIi_w-_S2jMFE-nWkNmBAke36N57UZsRzATQ36jVcq0uTGWv635JO8wAsFySVJ-kE2aKrX2NTQCbgithno9u31SRerQtcdviil_bAh4UyRlZVHdbb-KguJHKRASiz0BIcwz0nta4v9-Us5n9Mm8lI5B95OG0cPjUHEYBgU-fXg4c8vdOAyYu7oqIAUNWkW67M3I1gpeNR25GYpS8ZamEXsKXSZu0fGCCTnQyJklR97NsT1IUUvpaPKXVVc79bDhAD4olEYAW2fOeCfiCmxCiiT-NJgwbZPc4Kdm6ttWYFbVwK_ui41p0OXrcMDCPUk4E-dDxfcFy1bZ_PAW491hEsrcGHJb6M2fJ_TQvjbx3VncapraAQ&sai=AMfl-YS1R5I6gyU04EVDrAbK2Floaf2SQL09YISzEU8Csz0uA7qKH-KKhNjwTIJUFGI1zTcHXCgWckcrMQVTEJuQqMZMV-h4-d9D25eeDkXjVQhb1CRLCwOJLe-79hFl7Cn7Jq2kkhZQBfd9ZQQCIkinhBcVjRmtejE6ws7wDu-loZIO8cM7QWLalRVqfYxXnnaZcBbwDI90Z96bLncwBgOnzeiaGE58I6yuLXwCdo9FSHHByPRbczFysE1wGw7nrX2uZW-fRxc&sig=Cg0ArKJSzDaeBoLM_P_hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230823.35768&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B07 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 14:34:02 GMT

GET
H2 200 17744931471126985119
s0.2mdn.net/simgad/ Frame 6B07 92 KB
92 KB 45ms
7ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17744931471126985119

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32039e80d045eb87a9c0f29c77a25a451edad3cf3703e4b1db48f687a05987c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 23:02:39 GMT
x-content-type-options: nosniff
age: 91583
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93719
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 07:06:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Aug 2024 23:02:39 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 227D 30 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bz4mg6Up3nJZTmjnfqEgsIvzIzsysLne2Soufe1eFW9upABaFhBDNXkK9P1yJyF6pn7UXncYmTHN3Fc467dUvRaGm80A&cry=1&dbm_d=AKAmf-AqMJk8MdxuiP3-wL6Ckhzwh415KU67T5PDih6sAOxWbshACiFwBVrPNW1sQFbGFKz6PEYAkTV-olkfFaOVAc2mbLmtROjA85XLIUIyE2F9HssCa3jlOKbBUEXSAPPQvPBh_-gpQvJDvnO-Ksp5f8IYAFh4tjFivT7Hjm_uTGgdwkz0q8fgxxmStjwMS_4DaR2VboRyoa_wTEdpleU9Fc1xDCPSNy16kKahka8o7EmK0_4pLC3nd6SXIqLNbPCoZ8iguJfTyvSHsiIKnM3rnRY1wxBu-BIILfG-oa3dUFXPt2nssMFUExstLGNJcmdAezt9xazZSECYkL6ehmDSvQb9T5Ilh1qhfZ84B0Hy3j7GW9zVPcH1U1ceikUKgNj5ty5CRBig-zjTUcam_j0aqKJLpxkheztzCsaG692WGLp3FlCgi1YsdUtOUVYn5cu-cu9aoUfEsYnlREplEyjWpYwcfy7ThvXKnOCoNqb_NdyG4JK8Z3KBApSeVjiOEiYd52iw-EmVBmDvRQ9Ye10klee_FqEbmiKhbPZl6AoSBk_-h8fI1-Ybu-5T4_LOuoUct_EQykWYv_uHKbj6vvvaN7blQkzkiDx7ijcza0RslvCXQ8lQWyxhQj-3RCT0g5hwlLNmJcA6WD6RKhKDHgyZyOh2MLxXMyg8j6sw9H42J-y6atGiU5RbkJz93kI3VzVKTSp42RsNM8Z6byuFNE05YS8yAUxpvpxt3BEwh-L998OrmIrT3qNzLpLWIkAXuL4LhS_SKp_T9nvSE9-ZK3FfEUADCj0tcD3pb1eAWlcLKYdE0LhiKyA9-Fz5qIyYlFYehPLRREBdJiQKFVXD5AY2_f-or0z1pnVwT92PnJ8GmvST0EEtAGmMLxCtwJw6Zx4w5nPr773zEOtQ1caxZEnwC6oUwO1Ko7CjjIcKp7JyIIM-sufKjis-aZ5JDzD8Z0ffMuyKzt0IewWayLa1W-wN_2DxjQLv478OaNIba4qLRwi_ZFy3ichlXJ3K7DVboTTC_8uQOzTXsnVYEYoYyr-AvhfRONQ10lCro5a_S-cxkgyecryiExgxDBjmPkop6v8lTKWdC-wAKxDAUH4h4IPtKjHGHv-5PqsNQNePmP-y4TlaKOXR40xUOyUVn7nOtt6G9GN2txm8XvPwkBuTUVBLY4cSTyajUJWi1KiUwhtxqpU_zv8a1PjyttXVqZkLQho3DojNS3L-_JcCIwXzbifqgr1i3c-L_uYkikZQ7qId-TAeWZ8dfjj4Ix7dHWj4bJ-eEgLyW9CO_hCxAIZXrxMTcK4zxye9DlajpWKY_fL5hNRvT2r3FaUpgZ84rRpcw25DzM57bTV9_l9lQcPR1Mb7mSYdeSM68BtuzfOX7Tj6NSaIkGIQ0N4L23kQ09Kkn5F5ON7GwmtnBbiJq1TQ27vmo394HmN9kPtb8rSwinxMSvsk1doMxN0xxviOgLQmde6TvH0l7Wh_j96BJg1NxSkA1IdLKSoHW0ZZZT_44vjoxETtnrmwgyU_n1LL2cWKY4yb6ih-vAOTucVSRUduzrIJNKBMv73hoNAeRmnCpPLrptq-8KqmrT5N0HdMX1CL9wX67CrxrEz17DVQrqBrBhxpfHWGMZ4ju9RvksjbvOTePH0wrjlEe4OYukUdIAfu-orQhUTyotDBJUUq9eVApfoC-RCAUWyINc1ZmXFZm2IxW0KCo8vp2mK4SGMD561NFlYidrn0f1iTWoj0Qe7HD_ThXGmc7x-S-JWc6yAJYBBiUK4GsBqE_M4QRl9s0Dcb_qYgoymgyPC3ZdaRD4C_Qm7u32ixHIimCwq93pZrMVDgVA3AWejUNFsNTnTmbipjwf659_gFZCS2zKQPHrKNu0Xq_pGFPYCB9ddQnsjEgwYXO5hpkjNNkoCDO0RSeZ1xJFkieb3OlAt2lpnRZ3O8Xptjdi7DqLzSdw8zZcJmrFYRc3ZUrMduE9Mk_o0RAgMHNMiEwm5U1LIhYw_jrt2fJ4qwNqpYxaU9EF4BsRukDlLZr2Gcl_Eww-5qNzZJm19Y5zUTEwcqZ9W6VGg1xeQ4B84k0bMdZ2c3M7BZuB353YIGPe3Q3P7Cy7PGrlDjgj7Dm2EXYRGRS-bcBYlV2J7YfR8YKXUxJ_fVyDEb_0Jkeo-jYf1ff_k-WN6kPvtAVp0S6Ge4-YPsErLiYvZZTqbtecjMTZJ4jEHRAcgVUiFFXBkDbWl1PGicp6rvQWbqMO40WJPGbDL5PiWVMTVP3TXDK7Q-MrWKYMXZ59a9F_E51CdwLBw7c38ju1SxINAnm0Jx0vkS6wzkt5QNeT0rg9LtIAwJp5wCGEC421LWUWW078v1N0xQdPZe2-TWoK6Az33tPfDjkAeHYUe0AIdwAY3nutvYMfdJkBE3x_48gztUPrlS_31xoWoN-YvFEhIWV8geKNVu7SKMVn0TSoACRHg1FJUb5XU1XqNi-dgWDRW79b6z-6sgeH9gU7_n28WpmeaRqWBLVbs5DU6xNOSGpUEbn9sVDJX098FS0rTDNWqeREmL-V1G8xGdoJJq9BRlrASfhf-fW7EvzpjoYkdXmycegB_n3m-z9K6lRuml_IiLNIqVqd8KNDI0f94JXTR-WGR2bfjZHMr-ruLh3ojVUhWe8zkJCXJGr-AOF6j4a1t_HwgXKx5kr0G7hMwi1I64hwJpT4VDRSayy8jdSy0ddZgK3aFS5t1ASmPxEtgGHbmPEn90c0Gksw4Hik1yJdCGKkjUuhTHPyhDBSdiaY-ddYUB5XD9SVxZDPJVcLWtGgRUkhMQa6KnJ14fOG-h2TxL1PKCFXfn1apISoau98AS1zhBBH8t-pEkGKgIQ958uGA7W1qwN1X60YanSaoIm_hJypRN7Um292ZQqsGUqfi8RNhz5ExGKMNeGSmjCg3ZmLP8iT5SoHjO8YTF43Cst8ALr5cNK2xOUWeSy9Eg4nbH4NS7hnOLTdWXxbcLVs14cG3lvsUB0OPYohcoEzq99lSLOAWUHoxgEc_odWycww589DcaYivesco2qQYqx3xvnhqfLxED3YlqftowgWFFOE54KOwMkwtOrBa8Wwd7tz9gQXvDlVlbNfUiAQct9_J_DyD1uA59Jy9KfgFPlEXwN-hB0zDlywN_Dg-PbScojnKqurp9DMT6z-jmYRDT11rqM7i037wA9Q-PQTFXapzIR2zchzsssz9xLlp8dItrxqiULKqhmtqTJ6a4lRh1nLa10wkZolFXFcsLm-MG1d5FVzl2tMglPJzaeprIv6bwfthkk0YOxUCIVA7gQwvviK05MhyLuMI2x_R7RGXoOIBAsl5zCY2iKelDPZ6pZBla4PGI-JMsrqLkRsCe3NMuXhpf7nddy9VFh4y0mudbxsXgJEKNc8Bl7_TV8hcXPBbRNMCbKm-mMwWDhy-8N3ybNDZwov6PvCODrXr9FjXUlYFkMkaFLcnjnpcPkpRRf-iAEPjWm9Myu4UQPadMR2XIuMw7p8INc33MjWfiucfT3dGfHb-t-_ZFWiyAqPR-rZwciZAiGhkQLApVy9_MAWb9EloQKsi5s8QvUeuWZrHF_cX4AqOxdNAHSIRZzIx-N7sKRDIPTby5OaqG_7z8EUlAXrNH6qzaTdx9xGX9lSxAq7_iAZeh5XJBNWyzQlaO5wpzSxbfUk-GyFlElfDfG-tBDrs7fQ0SEsITSrTzuj_hMqY&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.valorant4jp.com%2F&ds=l&xdt=1&iif=1&cor=13411602840827961000&adk=2857193498&idt=33&cac=0&dtd=36

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:32:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 227D 11 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:30:05 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 227D 0
0 90ms
54ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNbm0n4AAEAWwPx1Z_qdLHDjb3ti4-P1dJDZWX4HmJyL9UCG9Jd9mQ5FaaPyWz8tJL8eLSyqjKBqOICC9hPv-AuqGFcO8J6JZlytDX8AX5K55iDEVDBZxhdBSSHqG4Bu5vtmhsPBenRjSY6hX6ydq1Fj54qcCMsPEMvcx1hKg1HzOJNnO5sTueM981YVCC7ph7A7ncI6vU8Ut0ZYLgtHg1K_gcZJJOG-nE9Bx9KBcisZMtfSjbsXIJzJARmXHV7IZoxnjTliFOWYjst5n-9dLYK7eODTGwrwU0ewQQyGTeIQDjLDYeld0qkjXc-JEYk5__81_Q7hbrFAFhlk9c_LX4zXHMBrtB0eaoWFF55FNCmodMSUnMSeYhI06pxU89fQh9aZB4ViUNmCrJa9jDxWqNygG_0dhW3oo0SlfuHdzMCA8koAY5fmxcL16gBkVsHLLhhuITzVFc9HmmmOfn4XYAX8jGFX4Cs2kXd8dLVOMtLsLgt1D--0ueV0dIdfKLdfAAaXz7V7GxZ63DIFhH48q4jEioM5lkgfLgBG53_TMQ3bhY8-1NguULaAle5GYX65xzh8_f84FnXS4pAoF_iTVFOT4GjVP8QcfZbaQxSeqGx5Sf3fD-6nJWUjbuYeG_ZokQFADQkcKhPEB4YWPJXL1DB1OgdkvncC6KfQ_UUhj1MFWoS-Z7AqI-sg00HDuUSVKX83Qci-3Y8XUUkqmPy1pKEqZ7Wjx9L8g0CSxbtUpyd06gG9jTCB7-XBfXI0lqYgLYs_GJCCFXJUL-B_uugxU_SrqOwAPCuBUQ9xd9nPcF6Z1bTd4YkIQ4uiWEyQdHYxUrPguQjLxtQWgne4e55-JiIAKFWvrKdG_SmV9vFZ-8mvLLjcshH0c-01HPoz6aRE44mAVgZR7sBgGOm90QutvwBSQXptf4mVoAbKFp9IGS3b6oxWU1j2xBubhEViOIyTex32JJCUOP3Ey9t96d67SQSKfzUt1JShXrq3-FJ0_IzDFF1I_TPmNRITx9qkoivdJv6rL-m2cKLhSCdcr69u0720kChdnTsYYKYpgMiWSHDdTLif62dHMhyWoKxnzcEH3h3d1e6-9XK4WSiRPzYmeBoiKdAgQRt6DrxAdf3mdVmKSN4my7oDbun3hOjD3P2WRvmCrOX8IJvEQwnGuZ0G-LcMA01tZwj-D62dpOSbqIe3bi5zQ_vRqmFH6QMqWuCl4hAkplimOnrCq4pkl41FmCtM1-X0HkHCmZXN2iuSSRfQ1_U350LnqpwKVKAMGnJigoRUkAnMxdw9PRaU2f60vjmLBaz-mW0Uigr2WEmzXxIVig3gSfynvJ0X10gH98hgldEqC-N7ti-6B_qQ5q0p2x&sai=AMfl-YQgg5qbPjLo4LdczzMYmYPmAf2jCTL2BxdfDLzzNEwDX2x4K9AhpJwJjz-nymO7_SvyhHDfVlvvMLs_f0iJ-kk6DHyUObY3wqLAC_Ji6mxR0RVkoCHi0ShvoeQjy2Yi6qAWIkqTDAW5o1dKnA2EI4JO9XOa3PzpYUShKKkTAHCv0NKzI6TFWFm4r2G10AaRrcWcIIy8ZaxC9mt0eEZrffCYZzDmZNa7mU60qp-iCyA388nLLcZ6FsQv80vg4I6_OS69_hw&sig=Cg0ArKJSzOy16lvbElMoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230823.07358&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 227D 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 14:34:02 GMT

GET
H2 200 859946642154228691
s0.2mdn.net/simgad/ Frame 227D 102 KB
102 KB 42ms
13ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/859946642154228691

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

512273e8d454edde250416038c73b4752bc4deecaf8bcad90bab27cbf9e4e497

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 03:45:40 GMT
x-content-type-options: nosniff
age: 593002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104453
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:52:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 03:45:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/ Frame 38EB 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ClNA_pEcGdzhf-mk4jweeq50-YL65RgjDPgaAkfyEuj7zM111NOftsY21p5_p2zCwm-SD9L0FLcO4b-NvMTP2Z2_GvAQ&cry=1&dbm_d=AKAmf-DGVqZpW8gJzu0cG_XI_Rvgr3YVaPGepk17HSBL5VvHVMB81gPmsE47LWnlix9ekD1BmQYzwutcDDJDVSp7arrCMXpSS4miFwohBscheOQEa3DEOjC8UYUlov0gtU1qWBDXgeN3xhVTvpFiPFusS0RYRQNWlaRe675PZqBo_A8mGfKLxhvimb5KhzH3TnaQ_JZXIgHgdM-C_v3hW59Mmr12W0uB3tob7M8_1LANoBp5xp2iUxUsEB_-a407EU3eZusSvUbLZngnUTtgnZE_qXkQiScVOpUhtix0we-5wgah8eV_vFGtOH6kcUNgSzW_AWwRoUvj7Iz1nPa8jzWjv-ByqtlNzk72q_yOE4gbTxMSel94U5RIH4r315dVxZlP8Lvi5EQa5DVq6z-Hn68Mtzj-6Ex7chnK8BQE5mXDHOhDGPxXagWcqwn8R7ofyi8udGJ0rTPnIOSOsLhfbioB-ueHSjlGuLmGATQaGktr7TwXVtLfVUpPdGADKVsQOUXN8cSdWJ6FXNtrM9RbmCsn18zwYUG7gLlANLAXJMt--fPCiIwHEQiBjIfnYKDPN_nO0m-NZMB6n4CydFd5gTAkwn_vWrP0s8VxEy8lL_CwuQDEhv5A2xrCpxyMQ-Tf_py_a_UQO0EkCtd5ylh-MR8bbencBdmNHPXnYDyoFBWQ__euNEhZfXaNCY-QNgM9HqaKmDM1gAgE5V5jGhsWTNQ0BDvheAYrckZ8HW9s9cllKANEkNiVMCap2ctZhm42x3IOPArda3OhHzPITrOhnpvlsRCUOSpzhHGAQHSqQg7xx5MWKLRJYSUPGIwQ3hjDV92c_p5IooEgFunq5vu8G3byGrtE7cL3vs1jL4kKlVvj53_044LexkShaeZJcNJ8n1HemZDsEUOebOs-JM0yBebFVQp5Deeeak783OqQ43U4h8Zq1rXF1vwS2S4kG7mGJxObkWECKSJPhfSXEQ_C-sH3ei4YhCTiww3LYK5A_Zf1ONLYKtZ-S8cx9xw7ILzF1YYY5n_9s4DMhqJcKQ_xzowLjiyQjygEXDZGFKP-vtGOjPKxpt1U8DpzhBbrzIN7YrnFuOoGjiSJUB2joybEtGxhq86aXGuFAg1_4jiW2gF2-w8FNuea5pt5vQ8tK1V5-P2zW4Ixgg8tRTLh6aWyGiVk6v0c7JdKDwJrgf67N-5-npJ0LX4HSnSyDSNWpQYFjNtQCAbAjiQcrYr4CxyPyDCrBZg9m6mJFNun4vNNuWK9SDLN98-8W4eRvY5BAC05QT5lIiGCJ_zjmllGx0OTlA_u1nN8Tq52O_ct-Qv2ZjY0ZQhRZqRPoPl8-T_V96f-3PcPGtEh3tu8lvJotcbTfHYsw-1OU-h-UEwz7oJ8y9GWUPF_LYQQS53f6giq4a8ikOo_gaZ1U6VhQgg2v2CiIT3fuYq07tB7UckdR4KiHAKOvLIQ6SOqnfTxpjnetLxu9RNh23-ZZsmUXVR31BXqnJVjrDB0tjF3dK0wgDsP6BHzudVOY2SOa94e60qZKULWSilTsaOOl145JuH0RUHJQKFrFcGOV1VgNOerPd-hw6YdJ1TuKnPXs_zVQ7yBQiMpAH6vqGkiThP5QnTvjb-oryMHDcxXJ60pUPNyUN8OXvCCF73qzSiMnjUqxmh8ipts4jSsrPS2Il-v1fcOpFEsZiztF3JxM7FD7mkGiWAfJWlPvdiLQl3ObClwRa7NKH5-OEGybOjulVByTsvDEzuZj54tqRIoLIL3KDR2OJ09OS9fpFf_6bOTywn9ch8PsmWS7ucDZ9KAFR17vi-Px0T6v3ZakTnTaQIaO2RWbmzQiGotRlr6uEX10KL7vduKL4z9d0tppF94DiML0dHuMXi-qZu6o922-GK8oh7f-STcvIWelmMyrZiTfSqZALjFItWeley7_IS-1Nmg9RvarnIwH4hSbE_SoJ82JxzYBmx2vK_qjkyHtjcMIgW3Le_M4KFzLt2ukZJHPd-noSlQgD3m1Li8zqLz6u4fy8AmYD7BfTNgABl-Vw1uHV2ceovls4YfWLZiNJfCj4sN8q2c4tXC5dIwzkSp_RTJZHEJQCvU24ALBlR3g72Ax9UCfKYAEWo4qQEIX4mQd3D-GdOoFors89l4nc8yc91IyplBb_MCSE2pAgHBVxRasn9iG4C2rSVinD1xDpjGKXDe5lcsWnqjCShuYoTi7ddERgWJRE5PcV764rbFfvXxjw90BzU6ZsJjko2dBTDGyrFC-5_-sNy4NnU2A-H1S0HoEpX1FaXQpssIjfbU6TynTVy2P2o90DUteowk5aSDPQGvY1TMCEmxdC5gVlj-HV4iHIhJVL7u0EGOyY9nMfUT1QydX01Z2U54mD9IXosIpw8wRykZLK6TzObC5YfVXJP5oYobxYwvqBSAKJ5roYOLpHISYQvtzuqM_dNTOLJ2aSEOkWhwqqsRMREPhCsMdvJZsea0wgpqHEKPfvhsNOGxam9Y5_8zMw0J_e1OLFHHotTnGDnvq2iSzgRkhpS8pz5z5NOpD2BwiGmfDCBeOJr7j9nMfzn9Khr1I8bheDUGFE3wS26xPmgytzutv_qz8AHjXQDWYYFSv27UBPH3Ejvw-W5paPPS1n1H-SNeHy_fKYQRqrhim_QSH5jqsmbnzQTwEcTNpWOeJTuKsYBtNJhmGy26cXUkifosZPorMRyR220f_uV1RypmSgJtUc6IF1X9XhSXLYAV_pXOkttbbj_WvFErXulgbmAN0iKvqI3CjkN8tDlyQdrz0IZYk_y-BgAAvjNkjq1esTGs06GPXu3jjRsfiqJt17bzRo_RU9EsZMQBKgzAacZVsG9BBaSQmwU4CC27nObp5E0ymVIy65_uM3QBiT-eXKrO31H-PP9SQx07En9iJoijUNxhURtaSBf8W6lbCVoQxeT8aBZeKh1LGDIFI5F3oK1brc9ZysYBKb9Jo7IK8NhfOX-AGIWtCELzTjEGGjZDiDqfurkiW5EM_v53snXNWqJ3vE1IvuWqJMrHa45GeMoOnOKbd1riJFarKS65Zlyrbe3v6SfvUS3hezuGKQfHZCIjm8AQeWiXHAF37qNV5_mJoYNRAJKfjXtHiV5-zUV31X2hJdGjqeA7dZqLPBdswAtu9JCMiGJqyeYTdTFw23Ra3i3NDw3HRWWDEha-RIbyZayzNZr3oOcEht0ZrNQlSPNPAlAlTCoURBfYDg5m1wUd9YSl7ZOULA70-Eqv3i5_5TuliV-aWb7xJh8-VWnwVh-xHDsMZtXu6etfJDrT0PFDzr6vjJPHg5Z3zJvUZfrhosD7XGMbM2Z50UwVaTutdrJXiySNqvx7HaaGVmYu92q4rpiTeGMnmb5-oSMtqT6Z5m9i7YEx3fz3gloloa6G32V3gwc2iqeY8FHdizfHArF-eh1_1ODm9pefzGXDrqtP0AGpM6_kRlLo8TupQpAe3zHnjGe2irpCZxkTRmcm98Pcns_X2uABKRNPxLfJ07BXoJrS_9DHOF4bHJOmmmJzFgXjMsDLyNmvfKSujjMWQMzQ7lGet3sOpirEhtc816WUJ8eDdQsYxi5_SMe55MdTHIUkojusERyS_TB0Sw3fMsF3vZPUAgUD-wjbfPj_XvSrkbSqlpaYZ7JO0El27lXrcSvlm0O_NKgKVjyYioDi7kD3YXYElvzqMikN-fsz6025AM-i-OMBL9Qfk9H6u63M9W5ClDA75jdriWUr&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.valorant4jp.com%2F&ds=l&xdt=1&iif=1&cor=2315646240196152000&adk=3944675600&idt=39&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: cafe
etag: 961974302080011826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:32:14 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 38EB 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35937
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:30:05 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 38EB 0
0 55ms
55ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUI0AUYKYI3OAEfIqqseQFDqHpXwZI3r_xsnVGKBa5mXAknL5hk897FDFvJOfPAJ_QidXTsrctqSZdHxX-X0Ako0-UazZVAfdpG9-xvYl6s-gSE0VWzL2T4CRu40sKVlvRrozyuET0-DpN2PdrYrtYKjxp3OxTi7fv_ZV4CBUYqh10Rhbzf_9k224UJ-3eRGN-ue6w23h9EkeYEFhHmow5j9z1ggrlRt2s_e4t7_aNogNA1t4N5uTqjbEZB-7jn1NTCUaDnbMUcPgGL-cxgC1A85J6g5lMR8g9brExVZl7GNLqA8F5HcQ-D8LzpCES1fJGtHiCc7LxvWoGv5kPiweUWSGqvNyE21BeSGzUzMQLbvPMfCnh6scZtJUE_kp0SJKWz_Jtk2bnFhtOp7Cn2RVuH7iwHBrK0G9y-aNiM11z1x1IHzRbhyZKsSLRf0yxQnD86ejDWKSjNbmND1cfiy_MSPt2wmuOdTszfbyUIKNKUsaGtrPMGyj66pFtqkKaXPpJSH86mMF6NfQNP5bMnNczOErZfG9MJoBJoBjIT1IB-Yj13pC5oKryI2stRv2E4G2Sw6aQuvKhpbT9JwUMPQCeaVhfDlFUGBraJIwMOUf6a42Og1A5FrWcql90VCvWT4fhMjnvyHP3RCY1yvuN3UwqndPGKhyC-Q88YekWJHW7AC2PdKsFWo5t6tR3oyAFd-9BJL1gf8POm3Hao9aRuD34QZ1Rth9lP7YjmLy1Nl3T6JpLoeUk2vfd6UPQyrHNhy9a5DtYvJDQp6O1N-dFDCZfE48ginVsQ_12OlvPpgVWm8LoWVuMXsHiVhUHZLDZZ9YMx9pabQSbdiDy86YKQvDSY8DyjRS5_9KXDuLJ4YNkgx0XxZ3_N4vovc-nfMsBRyv7rPdUPR6GydnSQejmsYYbwofuUuys1jLchx-eqOUqdOzWHOIEUxfPh85Sew-hePuLep0z9QSWsxIgrPOYw5HrexFBULnSi_64y9Ddr1K1ll-YRg1si1tRnM85D0DrZnIEq_xlOLw3Oy8zzbT9JuzdFpNFmMVI_oxORSI0hFWc7pcJ6D9umXkJ37K9t_47guX1a6VXgbXoXeBqu0er0NoJe90kF2Db_tietZm-9gXT6cIcuOyVTP-0SegVYFV4t-47C5gVF9HYHZrOP4oe8VcVZUwtQ4Uk8I19FBqD9E2eIfsb8mhMQ5-j51vr1ceUj3K2AZ5v2GX-F_eN5-bz0S8G7Rgk5cG0tqBSk4U9uRf9PVototNaOcmq6uS-uGboKcpo0qwE7Zap4u0AJddNUQdR4sX6x4xzMVNCRYXJCAseL3N1LXM1rpkXrpr9BD18TT38Lbsg-TUCu1-mZWFa6gqZRzVpE5DbEGM721CN3BsFGbQSNGs&sai=AMfl-YQFIGltwbNpClUSPp8e2CBT3TPn-7BYBg5faf9eHH57hFd1Gj0caFaoknuo8YxJcOhe6CMdUwfN3DWgohFOCAE1LRC8rTfh3vZxtsa1CyB3aByg0P2tktxXiTBmOaIDkBe2nhWXyySj84XgCVjKlvgsIqkiVDygP1vYmrlywTBfN2urcGdLi4DesYUQKPo5ecVCnA-AvsJN22JgBl6rdpLonmXD7uosdyMAAUft-Y-bAmcTJkDj22q57jxGwXNEy0DPXzg&sig=Cg0ArKJSzEDNjta5Z67oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230823.95494&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Aug 2023 00:29:02 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 25 Aug 2023 00:29:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 38EB 41 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 14:34:02 GMT

GET
H2 200 15308890966134294045
s0.2mdn.net/simgad/ Frame 38EB 46 KB
46 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15308890966134294045

Requested by

Host: ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
URL: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b154c964c7c3bde021d890dd03a82f2acf4c3d524e771e75ba3795a3207cde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:46:29 GMT
x-content-type-options: nosniff
age: 74553
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46724
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 11:13:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 03:46:29 GMT

GET
DATA 200
OK truncated
/ Frame 227D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbcf505e9ba3b19a4200478291d820f2e112829b67d383db1ff0b2feb24c2998

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6B07 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 132cc9b523ca39c4daa3d12b96987ab6d430cf374f18e4ad9e0f18662df82bc5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B07 0
0 46ms
45ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZNgh1B9b4rutyIorny6e28Tcd79S-GNVcN9GTOvHX5JPpYBGL8O0GdDWUKeB514j4STRuHe9c0t8HeI5PUrFm2jiC6Pis-kkqz47NTmRAb50KDt_V8CewN6UhzyM_o055f6jwhbtn8n7wlFmdY8RXx_YXH_6fUyWHxN0CIAO7cFk98WiTkUxzivAa3Ft3KcImrWHlughDugjMDARsYSk4wOmVyO9wgS7xoM-56fLzObrOKeCQvBRmfKjDu-ERAYdSNERCIzWhkn3DKgvylO9VdYB7zmtWAmKb1eQaXlwvB5UHfQB2JLU-aYyF9Kq-4FRihl9aqbKOoAKxqh5AUvrWF2MekdzqMiQObJgrrRk2HlL0XNmrlYfJhNA0xffb1bBmqs-SzubTTimJsDdbC0tcZFTvTHBlWkA9wTScmGMo1dJW_DLZC71kafVDnsNV4lK0KuIudJ1mTZEtGuBenB1MpsmeVTY9gJL8PgJqXNgwpI-8EFL239PpYRvCbTXM4LxZsD0EfXDkbfP-jWm77rDZbqNjatPEMaWB3QiXIv2xSwNdQGz0BU0L5bYC4zxclHJbEeynBy6T2BdBTlzNVYgaF8wo2FQgZ9URXwKz01AyyjEObmusWs-18M6_di2d-si5x7jlwXvXQk1esNJ6JrI6q_BjkejDHoF4SK2YPdYQefUyL15e3m58SskgvuVmX2IWOnJBFRPsxeHkEchhc84WD_Sr2FrxUhgumNU-KWq9w-0oPG3us-WXSD37vjDSoicPbzLVFwIal6C62oLmBnMyiQjyRZZFue6UmckSw2_o33MwSzIAQxsGyBhDj9ze-ZeXfdU4OgIDqRnLn7a0LQsTmrjKhprwJ-XvbEDW0uSwdHkBhGraPKsH1_t--5fVfgmRRahwc1rX2pzHmYXouKXHbGAJrZsISKNVxebAWPhaJvjHPZeODY_WxrSXHvweHMlQD1kkE2jXHmze3an3lxQnvpVeARIi_w-_S2jMFE-nWkNmBAke36N57UZsRzATQ36jVcq0uTGWv635JO8wAsFySVJ-kE2aKrX2NTQCbgithno9u31SRerQtcdviil_bAh4UyRlZVHdbb-KguJHKRASiz0BIcwz0nta4v9-Us5n9Mm8lI5B95OG0cPjUHEYBgU-fXg4c8vdOAyYu7oqIAUNWkW67M3I1gpeNR25GYpS8ZamEXsKXSZu0fGCCTnQyJklR97NsT1IUUvpaPKXVVc79bDhAD4olEYAW2fOeCfiCmxCiiT-NJgwbZPc4Kdm6ttWYFbVwK_ui41p0OXrcMDCPUk4E-dDxfcFy1bZ_PAW491hEsrcGHJb6M2fJ_TQvjbx3VncapraAQ&sai=AMfl-YS1R5I6gyU04EVDrAbK2Floaf2SQL09YISzEU8Csz0uA7qKH-KKhNjwTIJUFGI1zTcHXCgWckcrMQVTEJuQqMZMV-h4-d9D25eeDkXjVQhb1CRLCwOJLe-79hFl7Cn7Jq2kkhZQBfd9ZQQCIkinhBcVjRmtejE6ws7wDu-loZIO8cM7QWLalRVqfYxXnnaZcBbwDI90Z96bLncwBgOnzeiaGE58I6yuLXwCdo9FSHHByPRbczFysE1wGw7nrX2uZW-fRxc&sig=Cg0ArKJSzDaeBoLM_P_hEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&vt=11&dtpt=127&dett=2&cstd=0&cisv=r20230823.35768&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 00:29:03 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 227D 0
0 45ms
44ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNbm0n4AAEAWwPx1Z_qdLHDjb3ti4-P1dJDZWX4HmJyL9UCG9Jd9mQ5FaaPyWz8tJL8eLSyqjKBqOICC9hPv-AuqGFcO8J6JZlytDX8AX5K55iDEVDBZxhdBSSHqG4Bu5vtmhsPBenRjSY6hX6ydq1Fj54qcCMsPEMvcx1hKg1HzOJNnO5sTueM981YVCC7ph7A7ncI6vU8Ut0ZYLgtHg1K_gcZJJOG-nE9Bx9KBcisZMtfSjbsXIJzJARmXHV7IZoxnjTliFOWYjst5n-9dLYK7eODTGwrwU0ewQQyGTeIQDjLDYeld0qkjXc-JEYk5__81_Q7hbrFAFhlk9c_LX4zXHMBrtB0eaoWFF55FNCmodMSUnMSeYhI06pxU89fQh9aZB4ViUNmCrJa9jDxWqNygG_0dhW3oo0SlfuHdzMCA8koAY5fmxcL16gBkVsHLLhhuITzVFc9HmmmOfn4XYAX8jGFX4Cs2kXd8dLVOMtLsLgt1D--0ueV0dIdfKLdfAAaXz7V7GxZ63DIFhH48q4jEioM5lkgfLgBG53_TMQ3bhY8-1NguULaAle5GYX65xzh8_f84FnXS4pAoF_iTVFOT4GjVP8QcfZbaQxSeqGx5Sf3fD-6nJWUjbuYeG_ZokQFADQkcKhPEB4YWPJXL1DB1OgdkvncC6KfQ_UUhj1MFWoS-Z7AqI-sg00HDuUSVKX83Qci-3Y8XUUkqmPy1pKEqZ7Wjx9L8g0CSxbtUpyd06gG9jTCB7-XBfXI0lqYgLYs_GJCCFXJUL-B_uugxU_SrqOwAPCuBUQ9xd9nPcF6Z1bTd4YkIQ4uiWEyQdHYxUrPguQjLxtQWgne4e55-JiIAKFWvrKdG_SmV9vFZ-8mvLLjcshH0c-01HPoz6aRE44mAVgZR7sBgGOm90QutvwBSQXptf4mVoAbKFp9IGS3b6oxWU1j2xBubhEViOIyTex32JJCUOP3Ey9t96d67SQSKfzUt1JShXrq3-FJ0_IzDFF1I_TPmNRITx9qkoivdJv6rL-m2cKLhSCdcr69u0720kChdnTsYYKYpgMiWSHDdTLif62dHMhyWoKxnzcEH3h3d1e6-9XK4WSiRPzYmeBoiKdAgQRt6DrxAdf3mdVmKSN4my7oDbun3hOjD3P2WRvmCrOX8IJvEQwnGuZ0G-LcMA01tZwj-D62dpOSbqIe3bi5zQ_vRqmFH6QMqWuCl4hAkplimOnrCq4pkl41FmCtM1-X0HkHCmZXN2iuSSRfQ1_U350LnqpwKVKAMGnJigoRUkAnMxdw9PRaU2f60vjmLBaz-mW0Uigr2WEmzXxIVig3gSfynvJ0X10gH98hgldEqC-N7ti-6B_qQ5q0p2x&sai=AMfl-YQgg5qbPjLo4LdczzMYmYPmAf2jCTL2BxdfDLzzNEwDX2x4K9AhpJwJjz-nymO7_SvyhHDfVlvvMLs_f0iJ-kk6DHyUObY3wqLAC_Ji6mxR0RVkoCHi0ShvoeQjy2Yi6qAWIkqTDAW5o1dKnA2EI4JO9XOa3PzpYUShKKkTAHCv0NKzI6TFWFm4r2G10AaRrcWcIIy8ZaxC9mt0eEZrffCYZzDmZNa7mU60qp-iCyA388nLLcZ6FsQv80vg4I6_OS69_hw&sig=Cg0ArKJSzOy16lvbElMoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=125&vt=11&dtpt=123&dett=2&cstd=0&cisv=r20230823.07358&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 00:29:03 GMT

GET
DATA 200
OK truncated
/ Frame 38EB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e52b26b68b59aa4c749f62de662b10d520e1a6996b88ecc4d9b1c7baf74906e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 38EB 0
0 44ms
44ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssUI0AUYKYI3OAEfIqqseQFDqHpXwZI3r_xsnVGKBa5mXAknL5hk897FDFvJOfPAJ_QidXTsrctqSZdHxX-X0Ako0-UazZVAfdpG9-xvYl6s-gSE0VWzL2T4CRu40sKVlvRrozyuET0-DpN2PdrYrtYKjxp3OxTi7fv_ZV4CBUYqh10Rhbzf_9k224UJ-3eRGN-ue6w23h9EkeYEFhHmow5j9z1ggrlRt2s_e4t7_aNogNA1t4N5uTqjbEZB-7jn1NTCUaDnbMUcPgGL-cxgC1A85J6g5lMR8g9brExVZl7GNLqA8F5HcQ-D8LzpCES1fJGtHiCc7LxvWoGv5kPiweUWSGqvNyE21BeSGzUzMQLbvPMfCnh6scZtJUE_kp0SJKWz_Jtk2bnFhtOp7Cn2RVuH7iwHBrK0G9y-aNiM11z1x1IHzRbhyZKsSLRf0yxQnD86ejDWKSjNbmND1cfiy_MSPt2wmuOdTszfbyUIKNKUsaGtrPMGyj66pFtqkKaXPpJSH86mMF6NfQNP5bMnNczOErZfG9MJoBJoBjIT1IB-Yj13pC5oKryI2stRv2E4G2Sw6aQuvKhpbT9JwUMPQCeaVhfDlFUGBraJIwMOUf6a42Og1A5FrWcql90VCvWT4fhMjnvyHP3RCY1yvuN3UwqndPGKhyC-Q88YekWJHW7AC2PdKsFWo5t6tR3oyAFd-9BJL1gf8POm3Hao9aRuD34QZ1Rth9lP7YjmLy1Nl3T6JpLoeUk2vfd6UPQyrHNhy9a5DtYvJDQp6O1N-dFDCZfE48ginVsQ_12OlvPpgVWm8LoWVuMXsHiVhUHZLDZZ9YMx9pabQSbdiDy86YKQvDSY8DyjRS5_9KXDuLJ4YNkgx0XxZ3_N4vovc-nfMsBRyv7rPdUPR6GydnSQejmsYYbwofuUuys1jLchx-eqOUqdOzWHOIEUxfPh85Sew-hePuLep0z9QSWsxIgrPOYw5HrexFBULnSi_64y9Ddr1K1ll-YRg1si1tRnM85D0DrZnIEq_xlOLw3Oy8zzbT9JuzdFpNFmMVI_oxORSI0hFWc7pcJ6D9umXkJ37K9t_47guX1a6VXgbXoXeBqu0er0NoJe90kF2Db_tietZm-9gXT6cIcuOyVTP-0SegVYFV4t-47C5gVF9HYHZrOP4oe8VcVZUwtQ4Uk8I19FBqD9E2eIfsb8mhMQ5-j51vr1ceUj3K2AZ5v2GX-F_eN5-bz0S8G7Rgk5cG0tqBSk4U9uRf9PVototNaOcmq6uS-uGboKcpo0qwE7Zap4u0AJddNUQdR4sX6x4xzMVNCRYXJCAseL3N1LXM1rpkXrpr9BD18TT38Lbsg-TUCu1-mZWFa6gqZRzVpE5DbEGM721CN3BsFGbQSNGs&sai=AMfl-YQFIGltwbNpClUSPp8e2CBT3TPn-7BYBg5faf9eHH57hFd1Gj0caFaoknuo8YxJcOhe6CMdUwfN3DWgohFOCAE1LRC8rTfh3vZxtsa1CyB3aByg0P2tktxXiTBmOaIDkBe2nhWXyySj84XgCVjKlvgsIqkiVDygP1vYmrlywTBfN2urcGdLi4DesYUQKPo5ecVCnA-AvsJN22JgBl6rdpLonmXD7uosdyMAAUft-Y-bAmcTJkDj22q57jxGwXNEy0DPXzg&sig=Cg0ArKJSzEDNjta5Z67oEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=47&vt=11&dtpt=46&dett=2&cstd=0&cisv=r20230823.95494&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 00:29:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0DAC 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 140356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 09:29:47 GMT
expires: Thu, 22 Aug 2024 09:29:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7DFD 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 140356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 09:29:47 GMT
expires: Thu, 22 Aug 2024 09:29:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C16 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 140356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 09:29:47 GMT
expires: Thu, 22 Aug 2024 09:29:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DAC 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 22:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 22:43:54 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 7DFD 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 22:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 22:43:54 GMT

GET
H3 200 PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C16 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PkiGnUWInYwTcBYaxbSZywLcc8a-vvuMSHFzAQqrt4s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 22:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14710
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 22:43:54 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 23ms
23ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-17ba9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:29:03 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7E88 15 KB
6 KB 15ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.valorant4jp.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 00:29:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 744204
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.140.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 62ms
30ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.140.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-17ba9"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:29:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DFD 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl4oUzvXnZImvMZ-6x_APq8-AoAIAAAAAOAHgBAI&bg=!u7iluPfNAAYkVgHwBFY7ADQBe5WfOGvkJR4OcdT7jphJIigcXN2efFlFO2MpjchqqaN5iMWKqiTjS1R1We-tCWnoZftMAgAAAJRSAAAACGgBB5kDCh7GQ5rgxAIj5U2YPda9sudofvuUuFyDOSSvuXuM-630zbQCI1XQHKN5aK4rzSElLmdwRJUDUKXyPpGYOuPytqw2cUQQTMNfpdq1pdlZu0018Xj33zwGiNMy2sGJHGAgdSn3Ti3SZtqvCifV8GRM21JedfGBGbwGjKeMdqwcH5-F9efBdpW8VA7S4BJXHDgdrHDUptN24XpN9ihVFg7ifEGylCB6A--SeSZQ_HoqAeZ95r3697fJO5kbMxuWZNnUSFyp8qvMh5s8X2gNCQXLe5l5qwJaVj87fBxao4lyd_oTJXnuDUOYTgz4mc8ClPvJBEqDd4NOrrEMzZTY2qs-Ib__tHOAFJayEaItfYeFr2L4-p7IrkroZ_8WHiaQx5e4AyPuqcJmbIrEj-kq-LyIlqbaWqw6oh6h1YarF_nsHjhqm8UohoxSnGcBv2g--9UKnM9GeUE4Z02JMfRiB3Wr4P8oT82kfHwdTeiG2skMokmcrLRvgVI3H7ZCoiIszAh0D0E_nCSx6s4Rf3MdyASGuOicxb9Z1_WxYEjulgTDYeG5P2QPZRbvijTyoJavrDomhkUAq_s6NsMLPsajH47ZxJuVkXwot9LTzPkQ_IAtL70epHxh94GlK0RXcNDqdnVTIFwRaqIOaIwHW13wjrsFbWmF-tJeJ-C6Evp2gZbNgLMb-ZZHdm5y0N0o_CAuYrvPKuxzzOhkVaBdzq78I-r-VQthgMCcp8CAP392wGV3IdFWfRRlJl5ZAUYrY_uA7yHGIhajf6QCvMtYyOGwb3COQnnV1WuN81s0KHDiqQlvnFIYE4QGOE5r0HOyN4DSd7qnogTMDCzrQq6rG4eRjDQBrE4BFXRKRXnfeuQUN3iptvxX_tf-LkP5429_xlZ_5gAMGB3e2eqDtJPaG0jL0bnRIkRiM6lm-7kdL-k1ov48u3RG3LAQck0n9gUKLku5wROGj9oV-qk7jbspD3mOIuCKe9JROS5RrE4pYf6BhQ5hcztr8juG3iRXOths7-c_N0kJw8fCsWixr3WEp5c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DAC 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9N3EzvXnZOTqMfmfjuwPotGpyAUAAAAAOAHgBAI&bg=!YWKlYi3NAAYkVgHwBFY7ADQBe5WfOACbcEKwV1swBKnfq6hwaZe3zL5d_8FeDGFvVVaKjeyysd-bsOfo3q5CyoF37Z_vAgAAALZSAAAABWgBB5kDBaOCm1M2Pz07KEWlmmgY1jmrZgkuhecRVmj8h0IblsCGhIDvKWRhpUrMWbUAJdsvip3aZXwzXArDVo94AlarslSuwXWEAMz6pG_k2JKfkp2-wO03fY3F4QN7mxrUtP81zTzxXA3qoFJJGP4p-cINpkl7hh_clZt36bjq1jliYzABIDu3DepTl_l5kwFFdaS_dZh2fUW59jXcpMCxECvpmA0pozZjtW8fMkzu7ZqsePSML0IdLar4I5hdR_FpuI4ONxYm3G01vnds3qO3gRZa7egWT7HfQAgHWBx7-OR454KPERyxea2jvdtXpDMVKkCcZuFyNt5GkzTxhaxdK3BiG-YKY0oOtGD4itI3STgNSOUy1_ua1Afef1_H8O6W5eL0dhajL2FA1_BxxtBOlsMia0oBysFh2ojJ2s-KdfnjM_p908V0hRej6w0tX_zB00iyMdEFi2ysp0kODXbFhnS6OYUsUIMVnm0KiEGd7z0Svhu7eOynIekTC8_jbUil-vWQOnEqxfN-Pln6cK7Usd2eP2A4InPbTApBTpzEPD4fBot_l88ZdNImLZX71YCLpBnP9-abRcwJD7KdhWYY7e7xNHvS0ZPoFiDtwYP-PCPKHS_9vRG45Kb-im9Gyz_V-TBdp08jl_JcnGZ_eGICtROuO8W3t8Gr66xdpOyZ9dajOs8XfYjIrKGnFJok18qMmpB0lij9c2pAs4CJZpE_ePYno7gLRXJOJ88qqzRPgPqkWMFyS96mTMGOo9mAuWJWhDbPmPM2FDlkM6LzExdj1TDERr97bBmAsTMBcNcj65Ae_d3JdKBWwC_1sr_U8OpG8eMlbzOl26h43SPlmzusdCmWkQZ6ZgJUMnJkcZVy2MSQ3ADyuFzrkXtfzCoH7gsqecinSjUw05J_BB6dzaNINVkzEEiVEmRlRqHWrTX6_SVFkYAYsTZpfFv7e7hiRygdoEPiHCcmvRc3yr66aZrcerfKSmzheha1TQiExnSJ1_uFU5NqRAt2Fc1El-TlSA86WRhMHrSaIWoS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7E88
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=valorant4jp.com&sn=ChromeSyncframe&so=3&topUrl=www.valorant4jp.com&bundle=rYNy319BeHM2NndIbGFQTTRFNWs4aFA5emduR3hJcE9LSUNZalRrT3ZQZExybm1V...
https://mug.criteo.com/sid?cpp=Tr5UjnwrQnZ0MTdCVGdGTFArS0ZYdU1mYk10cDhKanlCbmRWVXkyYnFuQ010TWZKcnFyUmVvMEU3Z21XVTNHWU55WnNENGxrVFBOQlZoUXJObmZZS0toUDNIYzZkZFFrckRjK1h4NlQxcjJIakxTQVF2NDdETGdsZHFkdH...

430 B
650 B

17ms
17ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Tr5UjnwrQnZ0MTdCVGdGTFArS0ZYdU1mYk10cDhKanlCbmRWVXkyYnFuQ010TWZKcnFyUmVvMEU3Z21XVTNHWU55WnNENGxrVFBOQlZoUXJObmZZS0toUDNIYzZkZFFrckRjK1h4NlQxcjJIakxTQVF2NDdETGdsZHFkdHQzTWdZTmJXaXRxUmlHSFFEZHV6VEpVNkhkSDUyYnR4QVBONFJaTkFkSXc2UTBHaUZtakdrTFAwbGdXLzNkOXl3cHRmWUs5dFVLVmJrT2N1V0FXZkl0dlNRVFNHcWNyamRwWm5xeCtHR2Z5VkxhSDhucm5sczU0RlVkenRzem1pYTlBM2x0TmtBcTFaMkgwaUYrNnFUUUZCYi9PcDF4OXMzbysvclRBQ08va09NQWduYWdHQT18&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c5c5858d9ac2131db6fa110ac845d32a7668852731ff5e7ae086902760ce11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 931100
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Tr5UjnwrQnZ0MTdCVGdGTFArS0ZYdU1mYk10cDhKanlCbmRWVXkyYnFuQ010TWZKcnFyUmVvMEU3Z21XVTNHWU55WnNENGxrVFBOQlZoUXJObmZZS0toUDNIYzZkZFFrckRjK1h4NlQxcjJIakxTQVF2NDdETGdsZHFkdHQzTWdZTmJXaXRxUmlHSFFEZHV6VEpVNkhkSDUyYnR4QVBONFJaTkFkSXc2UTBHaUZtakdrTFAwbGdXLzNkOXl3cHRmWUs5dFVLVmJrT2N1V0FXZkl0dlNRVFNHcWNyamRwWm5xeCtHR2Z5VkxhSDhucm5sczU0RlVkenRzem1pYTlBM2x0TmtBcTFaMkgwaUYrNnFUUUZCYi9PcDF4OXMzbysvclRBQ08va09NQWduYWdHQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 310103
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C16 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfER2zvXnZNKgMoiyx_APt-m62A4AAAAAOAHgBAI&bg=!_P-l_7DNAAYkVgHwBFY7ADQBe5WfOIIxS94FenFRuTMq_JnZukvHpxTjjGQnCJMnYGmQeIVMU2jQH-UtdxZpZiCz4uQXAgAAAKlSAAAAB2gBBwoAQdbMUILZQG5HRWHkHq2x3PdO5P6c6SB0830zxU9J3d7PAZeGVFh4MPbFGyyaKL8dxdOVB3vCC4JmCehi8aDZ5WEzmQMNSOM7IE9c5wx2_p_K7BH57KUdpZ9YTHhhus0Uv4WRQm0EI-pPiqAjqNQpj1R98x8WJMTJHkixS3tIFdbTYNKtP2WHKIW59YBm8PdFUae8fLVHycmAyyusHtrL2DcxaAn0IN71761JokaYW3MS4t-Z-LS26lhJqxSJV80peUMtGZlAzfiZZZ30YGH6ePxpmoxQm2TxAjCWokYag99wY1BB0BlQi9TrHzMWs4eXKzqztJODz0tCboU_bXF_ZjS-DEyYt-rccWm7LSedW7l36T0zOpY7hvLIFT_yelQQUbL7OX9bPlEMTuGX3brThJMn1_YZzJxdMVet_F3mINAYokQT2sgOTHN02q4dXG_vUCZb3NQNxVmqFGqGAKQ5iy3blE8HpOEY0HG7c3ksx8pHpzmqp8c1jKzvhb4yIhHnj3SAkDx_Q9CODQKmu2OK-IiRcq7ab1SDrWbJ_7ZKKstM29Mm-cuMcyFiRw4tFwilanvd3-xWBiZIFHnvHTfYcadkt33z1L7nD4WTDB9ppy-l2AKClwTCwgbd6A2qR8LZ-hU8fpp3z760MdmugSx0_JsoMBUjfVb4XMUp3Q_G_DxSowGyen5lV5hXfXIHlx_qb_onMetU8gzs8GLf-4slkFqGCOyzpyNghLaJ72rai6YmnqfRcrb3OfJ8gptE-45CVCEAXZ--_dPRCc1_I6I9oK5PWSn986r7eJ7VK-16MTAB77p5Cp5Q5jblFi-kAEMNhtO6ZRm0efALwXLWp4J1aunkUi9kNuNYR8lUhVP78iTaaB89z47qERof99gwxOf6ct4Omir2PPzTf26WuJbCu4hm3x1hmhfWJeMU-FkWfZ7fypLj-SeHYNu0j5owAn2pI2yK0-ShVpXOgh2rwaazxrag6pgYdMqNJYL6tdh1F2yNmAE3W8qcMPqwcaxIPykbw7yU4DpGNoTLCRdqYUF_LmC18ASCcSeaBIgkjTkQQh4iMeVBRYwueVjp9H8a0Uub1d0kuEYk0xt3OXdSLPquDSXpS7Ff1J8uxnOytSFIuU1Cfg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 227D 42 B
64 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvthOmE5M5KuWOsJKARAx0kbTdNwEVKEmtKLa4-9EQt421uWiQzqlczY0C8AvY3t6hYYWE5XXMOKIEaPZclZ7cvzVn1EL9GTWK0Gm-isw5J0kRL1JxQM9cbeV_-C1JOVdE906gcLpUbRTuy&sai=AMfl-YRkRXw5h9a03sjh2Bynud-60n0-B7a74vFfBdinwPuptIsCvthpGomGwyXCiURcx24R8WcBnF6ZcbzfAthmUq6wnUGJe_f9hzqPUHtEJJDb3kFJZu3owbsW0yqK&sig=Cg0ArKJSzOShyfcvYj4hEAE&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&id=lidar2&mcvt=1000&p=90,315,340,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1376641682&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692923342586&rpt=404&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B07 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyx3Dd6nXpPhJSL34JEGS-RIPNAhAaN8k8xBIDTWxi4itXKuZgTrZJKORZ36rGXBWnj235LL2FKrJ_b9MOVsHfWzsW_1h0mHTNhXd9_Ruk-fFI4S-3hFfaDahaGUyAc2gEE2Ucb0Ce6HH2&sai=AMfl-YTTGGZBfmAv391yGF5wUnKrlTHg1tLixhdFAe5uqHll0zp0rMgzJcEggqaiiolkuIiTNbSjcAhpHdjhQle0FhevnhgbVUUmQM0kVk3LLIh9NDOOcEtJPPELDY6T&sig=Cg0ArKJSzB9VA6M6SkuBEAE&cid=CAQSPABpAlJW-t1jgfcvie8SDccc5V8A0Qvy7mfQsmfzONFXPaZvn3LHZM-rHcK_6r5tLIL8ffkXQgioIf7pXRgB&id=lidar2&mcvt=1002&p=631,984,1231,1284&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20230823&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&vu=1&app=0&itpl=20&adk=1398092980&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692923342597&rpt=387&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B07 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5581594253983&version=m202307240101&ct=76&x=1&cor=11049926295367832000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7928535014256&version=m202307240101&ct=76&x=1&cor=13411602840827961000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 38EB 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8783525220576&version=m202307240101&ct=76&x=1&cor=2315646240196152000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame D2E0 3 KB
2 KB 43ms
16ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 96
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7fbfb7fbef550497-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 00:29:05 GMT
expires: Fri, 25 Aug 2023 04:29:05 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FC2F 281 B
554 B 68ms
6ms Document
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 25 Aug 2023 00:29:05 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 4CBF 24 KB
8 KB 59ms
18ms Document
text/html 23.218.208.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJVS55O&prvid=2034%2C2033%2C2031%2C2030%2C273%2C2029%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3010%2C2041%2C201%2C2039%2C3007%2C246%2C4%2C203%2C2037%2C446%2C326%2C9%2C2011%2C2055%2C3022%2C3020%2C173%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C77%2C38%2C2022%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C225%2C10000%2C228%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/6476/prebid_2023_8_15_7_52_36.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.208.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-208-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0a3bc12cd2823235ef67b726445e0d9b21bc1555faf7cc69eb7977a0302b7799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.valorant4jp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8491
content-type: text/html; charset=UTF-8
date: Fri, 25 Aug 2023 00:29:05 GMT
expires: Sun, 27 Aug 2023 00:29:05 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2

200

31
cr-p31.ladsp.com/cookiesender/
Redirect Chain

https://cr-p31.ladsp.com/cookiesender/31
https://cr-p31.ladsp.com/cookiesender/31?cr=true

43 B
508 B

675ms
674ms

Image
image/gif

108.138.7.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr-p31.ladsp.com/cookiesender/31?cr=true
Protocol: H2
Server: 108.138.7.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-126.fra56.r.cloudfront.net
Software: Logicad /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.valorant4jp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:06 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
cache-control: no-cache
content-length: 43
x-amz-cf-id: ngR6MxNMjY3io0ANnLYqI5ooK329xjhsfNdSF_gF1jZ_wMrXSia4xA==
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cr-p31.ladsp.com/cookiesender/31?cr=true
content-type: text/html;charset=utf-8
cache-control: no-cache
content-length: 0
x-amz-cf-id: pu9KhweP5B2ZtP-mgqDtX3BRi9_nzFBElLBEN-901gSSrIiMdjX8UQ==
expires: -1

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1577
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
892 B

22ms
21ms

Document
text/html

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82de5e36d9fb2018b1b2dfc3f5d705739f0d9da5c97e78f30a2179c01cb849e9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fbfb7fc4fd9927f-FRA
content-encoding: br
content-type: text/html
date: Fri, 25 Aug 2023 00:29:05 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4HDtOtsVfSJqEKA%2BFpkzp7%2FoUgrN%2FNTky%2BZPKfqLTe2NP%2FwLw%2B%2Fh312XfagO7VHn4T3XvpJh1IoAh06NpYMKwhar1kdsAwXnbvVC%2FcbfuBgPNHHMwU2Yl%2BVGgTil7bRQqI4UAK0qpnJXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7fbfb7fc1fc6927f-FRA
content-length: 0
date: Fri, 25 Aug 2023 00:29:05 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaSJLDMkwvBTV4aET8%2BZuZWvOy32qSzoKiOZ%2BKDd1iUhGGwzll%2FH7eBn%2F7lEYqx%2FjAS4GK761XXUcZjiKxLo%2Fa93MtfMKOZ7rEJ9P0pMe%2B6J2ze4hu1R7f1uc1qXAtO%2BnSBmmaU9eUwegg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FC2F 34 KB
10 KB 16ms
16ms Script
text/html 23.218.210.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-210-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: fde5a9632ca50447dfda31d892b73e627ad065cc6c2cb0c016d1e6463fa9372a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 00:29:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 05:19:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17332
Connection: keep-alive
Content-Length: 10116
Expires: Fri, 25 Aug 2023 05:17:57 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1577
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZOf10egdveBsFBdopx3hxwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC63SX61ZB37BsXImAfRjuk&google_cver=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC63SX61ZB37BsXImAfRjuk&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEC63SX61ZB37BsXImAfRjuk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1577
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

125ms
124ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: D92KCQS36NVM0SG05KW6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DX0CTFN0T8GBSA8YRF2M
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1577
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE0YUgJZ6JQaes7dpMHPHlA&google_cver=1

43 B
768 B

20ms
19ms

Image
image/gif

104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE0YUgJZ6JQaes7dpMHPHlA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcKyK%2FgAT7xOjveFu%2BqaKonzhr3IvWwtgqopKT%2FunIyw3lFyykrQPiPzX%2Bn%2BIKRNy0PFrWRahd9QyC535Q7ni1JMrR5dg10rTO2kLeHZotmaeKkuVzKLFvzyos9dDf8u24ggItm0qpn5mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7fbfb7fccd819baa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEE0YUgJZ6JQaes7dpMHPHlA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1577 70 B
265 B 131ms
59ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 1577 43 B
653 B 105ms
18ms Image
image/gif 2.16.107.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZOf10egdveBsFBdopx3hxwAAFD8AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-130.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1692923345249051-332
Expires: Fri, 25 Aug 2023 00:29:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1577
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3673689741505518637

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3673689741505518637
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3673689741505518637
pragma: no-cache
date: Fri, 25 Aug 2023 00:29:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1577
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D46%26external_user_id%3D%24UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4590427558788019863

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4590427558788019863
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
an-x-request-uuid: efd646cd-a6cb-4a9f-a286-c5631dcaa2e3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4590427558788019863
x-proxy-origin: 45.141.152.77; 45.141.152.77; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 404
Not Found sync
ssbsync.smartadserver.com/api/ Frame 1577 9 B
132 B 221ms
13ms Image
text/plain 81.17.55.109
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:05 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1577 43 B
353 B 48ms
12ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZOf10egdveBsFBdopx3hxwAA%265183
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.valorant4jp.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:05 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 21008
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fbfb7fcab663834-FRA
content-length: 43
expires: Sat, 26 Aug 2023 00:29:05 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame FC2F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=gXz9BKYnS1iIfblDmLrDpA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=gXz9BKYnS1iIfblDmLrDpA

43 B
720 B

180ms
180ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=gXz9BKYnS1iIfblDmLrDpA

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 19PG1246459C78M175AS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=gXz9BKYnS1iIfblDmLrDpA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FC2F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/53DpHrC3LZhSsNTm2TkRTA?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pIf5C6BE2oJaqEox9rt1HMNvWTEUkgBX3OJq1Q--~A

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pIf5C6BE2oJaqEox9rt1HMNvWTEUkgBX3OJq1Q--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 25 Aug 2023 00:29:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pIf5C6BE2oJaqEox9rt1HMNvWTEUkgBX3OJq1Q--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC2F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExQVVVJNzgtSy02Q1hT
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGvYGVX5ig2_YOEqBv4YqK8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExQVVVJNzgtSy02Q1hT&google_push=

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExQVVVJNzgtSy02Q1hT&google_push=

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExQVVVJNzgtSy02Q1hT&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FC2F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bIrgJ8-eR_W_G_g__5L0Ww&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bIrgJ8-eR_W_G_g__5L0Ww

43 B
479 B

112ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bIrgJ8-eR_W_G_g__5L0Ww

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 00:29:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8XHMVCSAWVPAHT7B7QCN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=bIrgJ8-eR_W_G_g__5L0Ww
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame FC2F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLPUUI78-K-6CXS

0
648 B

129ms
109ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLPUUI78-K-6CXS
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 00:29:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B4D0C20CFF214760A262BACB31A7086F Ref B: FRAEDGE1716 Ref C: 2023-08-25T00:29:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDtG6kttxnZQ9QaqA6UQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLPUUI78-K-6CXS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC2F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDJiN2IzODgyZjczNjkxMzY4NTFkYWZkZjYzZmY4NGMzZTY0NDk5Mw

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDJiN2IzODgyZjczNjkxMzY4NTFkYWZkZjYzZmY4NGMzZTY0NDk5Mw

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDJiN2IzODgyZjczNjkxMzY4NTFkYWZkZjYzZmY4NGMzZTY0NDk5Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FC2F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELbmBJBnIM1AsW8xP-YCPQI&google_cver=1

0
239 B

30ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELbmBJBnIM1AsW8xP-YCPQI&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELbmBJBnIM1AsW8xP-YCPQI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame FC2F 70 B
264 B 45ms
44ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 25 Aug 2023 00:29:05 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0WCDZZLS7T&gtm=45je38n0&_p=2004088850&cid=964544171.1692923341&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1692923340&sct=1&seg=0&dl=https%3A%2F%2Fwww.valorant4jp.com%2F&dt=VALORANT4JP%20%7C%20%E5%9B%BD%E5%86%85%E5%A4%96%E3%81%AEVALORANT%E3%81%AB%E9%96%A2%E3%81%99%E3%82%8B%E6%83%85%E5%A0%B1%E3%82%92%E6%8E%B2%E8%BC%89%E3%81%99%E3%82%8B%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%B5%E3%82%A4%E3%83%88&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0WCDZZLS7T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valorant4jp.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 00:29:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valorant4jp.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.valorant4jp.com/	1970-01-20 14:58:35	Name: _pbjs_userid_consent_data Value: 3524755945110770
.valorant4jp.com/	1970-01-20 16:24:59	Name: _sharedID Value: fcb38cd5-453c-4455-8d1f-296015c6de29
.valorant4jp.com/	1970-01-20 23:51:23	Name: _ga Value: GA1.2.964544171.1692923341
.valorant4jp.com/	1970-01-20 14:16:49	Name: _gid Value: GA1.2.407120539.1692923341
.valorant4jp.com/	1970-01-20 14:15:23	Name: _gat_gtag_UA_130672182_2 Value: 1
.script.ac/	1970-01-20 14:15:25	Name: __cf_bm Value: v6UUln7e3Dh6_VaCGzYQwPT3qfZkbFjROuE4n389p38-1692923340-0-AWOnn3Yt+F+PCtrepPik42WzVLvXXjU1e0HSQhLCPQM28jbE/fl1Hx9I5pqc1SWKy6yxVQl9UBpCORG9pJpizHA=
.valorant4jp.com/	1970-01-20 23:36:59	Name: __gads Value: ID=8eb31edb873fe1eb-22c784eb59de007b:T=1692923340:RT=1692923340:S=ALNI_MZ_YygWTqGA_IzlW_vcGIBdcZOllQ
.valorant4jp.com/	1970-01-20 23:36:59	Name: __gpi Value: UID=00000c67ee4fcd2b:T=1692923340:RT=1692923340:S=ALNI_MYBqIS7RshxbjA3M5iQX4uVN7mrTg
.criteo.com/	1970-01-20 23:36:59	Name: uid Value: c4efb55c-d85e-4790-a831-f7a2d26f2fd6
www.valorant4jp.com/	1970-01-20 14:29:47	Name: __pb_unicorn_aud Value: %7B%22uid%22%3A%228b57150d-e569-444d-a7b8-24ecc6690d58%22%7D
.openx.net/	1970-01-20 23:00:59	Name: i Value: fd221896-1b1f-4d3e-bbb1-f03f9106604d\|1692923341
.rubiconproject.com/	1970-01-20 23:00:59	Name: khaos Value: LLPUUI78-K-6CXS
.rubiconproject.com/	1970-01-20 23:00:59	Name: audit Value: 1\|hLZGFuTafB0WiIYNX+HRLCAkF7RiBdb4AgvEG2sPPZosxPxU5qr+6JIH4PNXTyrxIham/T9UD6SqK7kwxc6oK6OStvzY0m3ajb0hJKSSfohJztlSbZdkBL7FQD2yB//hsqlSNZOaaDQ=
.doubleclick.net/	1970-01-20 23:36:59	Name: IDE Value: AHWqTUkrOkld8Xnnp5mCjIBOkLHJt6S5Oki4-wErtwicVkolLl7jK8xQlcb6PS-8bsE
.valorant4jp.com/	1970-01-20 23:51:23	Name: _ga_0WCDZZLS7T Value: GS1.1.1692923340.1.0.1692923342.58.0.0
.doubleclick.net/	1970-01-20 18:34:35	Name: APC Value: AfxxVi4HlQadJkOFNeZKjj5mk-m8J6xzW_LgFFi66udoRFFN0Uvw9Q
.valorant4jp.com/	1970-01-20 23:36:59	Name: cto_bundle Value: D3xyVV9BeHM2NndIbGFQTTRFNWs4aFA5emdtczNsOVYlMkJYN2FJNUVNMmdyUDBQVlhGMEl1QzRldXUxWXhSajAwTGwydUR3MWNBVHZWOFQwZFZVUUF2Y1VjM21TSyUyRld2JTJGVjh0RHRncFZ3dDlSMmVvQkJoeXp5MGdrTWo5JTJCaHVRT1FGb05MZWMzc3VGJTJGMyUyRm5kREF1ZmRRSjBaYlElM0QlM0Q
.casalemedia.com/	1970-01-20 23:00:59	Name: CMID Value: ZOf10egdveBsFBdopx3hxwAA
.casalemedia.com/	1970-01-20 16:24:59	Name: CMPS Value: 5183
.casalemedia.com/	1970-01-20 16:24:59	Name: CMPRO Value: 5183
.adnxs.com/	1970-01-20 16:24:59	Name: uuid2 Value: 4590427558788019863
.turn.com/	1970-01-20 18:34:35	Name: uid Value: 3673689741505518637
.ladsp.com/	1970-01-20 14:15:26	Name: cr Value: 1
.yahoo.com/	1970-01-20 23:01:20	Name: A3 Value: d=AQABBNH152QCELjf-vmDWdihKi8vSmfQeIUFEgEBAQFH6WTxZAAAAAAA_eMAAA&S=AQAAApXJ_bzct0QTV-B616AkR8Q
.linkedin.com/	1970-01-20 23:00:59	Name: bcookie Value: "v=2&f1fae3c3-3ca8-4b87-8849-6346300d7e45"
.linkedin.com/	1970-01-20 18:34:35	Name: li_gc Value: MTswOzE2OTI5MjMzNDU7MjswMjHnaOEbzLtm1dAeoZsx3am95SEa1mzQgyyxRm3YdDvxPg==
.linkedin.com/	1970-01-20 14:16:49	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2985:u=1:x=1:i=1692923345:t=1693009745:v=2:sig=AQEtBHygQZDbx0TJZopOqzktPLVdEDyz"
.amazon-adsystem.com/	1970-01-20 23:51:23	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:32:11	Name: ad-id Value: A3cJV9SPRkxItoRAft7RbYA
.ladsp.com/	1970-01-20 23:51:23	Name: smn_uid Value: uRyEWZx6L8ULZTv1rt-V8Q-yJgSrmHE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://script.4dex.io/localstore.js Message: Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.stickyadstv.com
anymind360.com
bidder.criteo.com
blogger.googleusercontent.com
cadmus.script.ac
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
cr-p31.ladsp.com
ds.uncn.jp
dsum-sec.casalemedia.com
ead0bb94f239b6fc2872c2e7ea8bf768.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
id5-sync.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pb.ladsp.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.media.net
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
spadsync.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync6.im-apps.net
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
valorant4jp.com
www.blogger.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.valorant4jp.com
103.132.192.30
104.18.38.76
104.18.39.155
108.138.7.126
142.250.184.194
142.250.186.98
15.197.193.217
151.101.193.55
151.101.65.44
162.19.138.116
162.19.138.118
172.64.148.101
178.250.7.13
18.176.105.61
185.80.39.216
2.16.107.130
2001:4860:4802:32::36
2001:4860:4802:36::15
2001:678:cb4:bbbb::11
23.218.208.23
23.218.210.30
2600:9000:237d:a800:a:e047:753:6381
2602:803:c004:200::140
2606:4700:20::681a:9a9
2606:4700::6810:5714
2606:4700::6810:7eaf
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700::6812:372
2620:1ec:21::14
2a00:1450:4001:802::200e
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2009
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2006
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2013
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9b
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:26f0:7100::210:118
2a05:d018:d29:3605:f14:89f9:e156:6aa1
34.102.146.192
34.107.148.139
34.120.107.143
34.98.64.218
35.177.20.185
37.252.171.53
52.192.224.226
52.46.128.147
52.94.222.140
69.173.144.138
81.17.55.109
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0308aa40f701a99e2225b502f81731ae9427809a23f9830e48b775cf2488d0be
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
062bb01d6d85f2dc5800f34516f86884c49b68ed9850c082dc70ef3da218e3be
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06d6e10886ed7de5561acab1935bce1c46174baa9cbd0bcb319aa3b69594131f
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
091c8d18b18ad6979e690fbebe9cab8362beef4fbfc810b8170020013debec8d
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0a3bc12cd2823235ef67b726445e0d9b21bc1555faf7cc69eb7977a0302b7799
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1b644ceb5a772a91e8f984e222c9e355bbdf70c06d3b050de2ed1983529c77
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10bc1ddaa8ccac7fa5976588a935480272d02a96579db043e71e2bbdf340552c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13274959f276dada29d1a5009192e18eb041b2ce07b063a06d14a6598d3616e8
132cc9b523ca39c4daa3d12b96987ab6d430cf374f18e4ad9e0f18662df82bc5
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
1eeaafe4c17f27b565159911f954d9e99dbe384b733757d0ae6049328e576ff3
243425341075713af1aa830e361f127fa434baa3088282310208928bf151cc17
288f9a9a17d451f983feafe1450522095760d91396032bf872062495dd495633
2cc3d46893bad24788c4ad15a5b07dc9d6c5b111677ab542dfd6fcad2faff116
2e52b26b68b59aa4c749f62de662b10d520e1a6996b88ecc4d9b1c7baf74906e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32039e80d045eb87a9c0f29c77a25a451edad3cf3703e4b1db48f687a05987c2
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
3bca595b1e3228fcfa8edc95a7c4ae364c4589e7e6e440a426cf4bbdc6687088
3c5c5858d9ac2131db6fa110ac845d32a7668852731ff5e7ae086902760ce11d
3cb42dd38616da0283cdd828a5c40cc3042a47f5e13b21a16a258c0c2b97ec9e
3e48869d45889d8c1370161ac5b499cb02dc73c6bebefb8c487173010aabb78b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
420c802bdad86b8c4640c7ea073ca85d8871f2b956eee86f79a50a47a12b8091
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
512273e8d454edde250416038c73b4752bc4deecaf8bcad90bab27cbf9e4e497
51cacbaf840ec3fb163bec67d015c67328592a000552bda26ff396e6ddbf9a66
53792c292de0470a36e001716c2566ab99110c45bd59a1171acb808031c8270b
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
580733d61dd4adc764fe449357c79da92993563a4e24283535d7019ea15852f8
5c0a9aa486348faea862e7ad0b3345d534e508a634759f46bbe8c9c08d093cb0
5e29a5238b1f20db9187804ef67247a84c5dcb46e31411584a22302d62f63b42
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
5eaacc542b2131f831f5d46e1b73bb049c87a3af02b635cf88e8cfd77250728c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66b5aef696d3e65b5bacb1c9421efc47cbdad11c9baf97549dfe4b543101987c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7a82cc72b1d52bb8f56d39353e91e5d116c1db4e2b0ddd221289114e3a996ba2
7b057a2c93ac19a0002622d5b274d8434e862f0a94c50f1758ee79ef311323ad
7c6207c4e5cd3e8264bab376d9071076808f59c3cd6a19f40983b579f5f3e463
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82de5e36d9fb2018b1b2dfc3f5d705739f0d9da5c97e78f30a2179c01cb849e9
8d1082f39d6b9107d39a7c8aa0af093942dd8a0ca7991d30c3d52d40cc518cf5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6435769dea358b59b3472298f81ca14ea97c5de7fdda93aa1e01708d14cc44
90b154c964c7c3bde021d890dd03a82f2acf4c3d524e771e75ba3795a3207cde
96cd4176cb5868f4d1491eb9c70ec0eb104e40e7da453f0c69346638af3a3b85
9d652b912906be1bb8411fb16538c4ada6c51e9b9334e21b7c86975d75812391
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a96da6903649898ab56f4309e6eb61e248f59f4c95efff3bc5e5fdd284f58c3e
aa64aa9454d40f1368722fc4eafe6512d13352eb6ba04bb9bb71b1ed574ade5b
ae3657fdcfa0c79eee950faead9d12a66e43a1f794f35eced5643c1eb8a65836
af70a40b1933f0a2f4b14530302e381b9e6284a0fc8dbeee1d9bef17da9bdc44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14bd8d5e0f3c78357bf5532af9aa105c5c0c213b7a8709d21fa3329a0e53bc6
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b9bda45768bf40df841f59aa483bc7fd9c4481f8c9e96ca8bde21a4c51bf42bf
ba1da6de2a3dce72b9bd5f169ee9b32165cd56068e6bc9f6a3ff0dc609cd3153
bde434425bdf0435a0a99b77056cbad180e9637dc4a70c198d68f9df9af98f80
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4a5beca996a1d4ea5e1e72f5760323d6bc7e30fdf6b2b8675301e0d6f0cc121
c4c69a84e3cee44c232f82e66b11602172ccd35c3d793d6708498c6f5f6ad03e
c5870676493bee314ad014fa97fd92e97bcbe180ebe8a12edb0c5999bf337180
cba3e48e13823bc9909b72fce9af75b685a90ec133091a6be1a11588af530b00
cbcf505e9ba3b19a4200478291d820f2e112829b67d383db1ff0b2feb24c2998
ce9e1bcbbb8b17ccf19ee7dad655809264095a1c6ab324952a7ea3874fef3dc7
d3ed26e644d17b32d3f2f1e834120ecbfc4093cee7e6cb69b868cf4504c49693
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b196c41e6df68be6b4602f88b102c3d16abeb22175c3b6d0ea80d4fdaefece
e1e6237bfe4d6e54daf7f9b49428fece6455f88341fa29bdc39e75a60959a2af
e30c5ee018c4b780ba605976a97f2cb2f36ae630e2c172e95e3117fc6f095597
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64ed909680284310d43b2c1e481c46cdd194084f1df8a605ab46183771add7e
ebfed7db4b0dca97cb5d09ee42f14df82fd8546edb43c7a530bab2e403e776ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f97359c79cc8152db43855e101e88880e1df68495093aece750edcf1d0e10705
fde5a9632ca50447dfda31d892b73e627ad065cc6c2cb0c016d1e6463fa9372a

www.valorant4jp.com Open in urlscan Pro 2a00:1450:4001:82a::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

90 %HTTPS

54 %IPv6

44 Domains

66 Subdomains

60 IPs

11 Countries

2676 kBTransfer

6827 kBSize

30 Cookies

5 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.valorant4jp.com Open in urlscan Pro
2a00:1450:4001:82a::2013 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

90 %
HTTPS

54 %
IPv6

44
Domains

66
Subdomains

60
IPs

11
Countries

2676 kB
Transfer

6827 kB
Size

30
Cookies

176 HTTP transactions
3 data transactions