deathball.net Open in urlscan Pro
91.203.110.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://deathball.net/notpron/notpron.htm
Submission: On February 15 via manual (February 15th 2024, 9:07:03 pm UTC) from CH — Scanned from CH

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 52 HTTP transactions. The main IP is 91.203.110.219, located in Germany and belongs to CLOUDPIT, DE. The main domain is deathball.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 23rd 2023. Valid for: a year.

This is the only time deathball.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	91.203.110.219 91.203.110.219	45012 (CLOUDPIT) (CLOUDPIT)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
52	7

28 91.203.110.219 (Germany)

ASN45012 (CLOUDPIT, DE)
PTR: host219.checkdomain.de

deathball.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	deathball.net deathball.net	312 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	358 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	46 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
52	5

	Domain	Requested by
28	deathball.net	deathball.net
9	pagead2.googlesyndication.com	deathball.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.googleadservices.com
2	www.google.com	1 redirects tpc.googlesyndication.com
52	6

This site contains no links.

Subject Issuer	Validity	Valid
deathball.net Sectigo RSA Domain Validation Secure Server CA	`2023-09-23` - `2024-10-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://deathball.net/notpron/notpron.htm
Frame ID: 99EDF39A33DA40464340B6E928DCD38D
Requests: 1 HTTP requests in this frame

Frame: https://deathball.net/notpron/menu.htm
Frame ID: F0A1AEEEB21C0AC2F401210D1D94B297
Requests: 25 HTTP requests in this frame

Frame: https://deathball.net/notpron/start.htm
Frame ID: AC8E3AF1BC688A964C5F984F2E9D16FE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html
Frame ID: 4CB05931242DDA1F2C9FC34CD3BAA752
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=2365266410&adf=1507960139&pi=t.ma~as.1616044294&w=1200&fwrn=3&lmt=1697403635&rafmt=11&format=1200x200&url=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fstart.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708031219999&bpp=5&bdt=170&idt=168&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&correlator=7461468609034&frm=21&ife=1&pv=2&ga_vid=1245967325.1708031220&ga_sid=1708031220&ga_hid=454186621&ga_fc=0&nhd=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=862&biw=1600&bih=1200&isw=1600&ish=900&ifk=4019781112&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95324581%2C95325069%2C31081134%2C95320376%2C95320868%2C95324155%2C95324161&oid=2&pvsid=4178544822168738&tmod=1165254812&uas=0&nvt=1&top=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fnotpron.htm&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.cwshwys1zysd&fsb=1&dtd=176
Frame ID: 0CA1FC278936AD6B8E8CF4C59A0AA215
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 70A4ADC6208541529750A0DC15B00A6E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js
Frame ID: 0DB5E1C1FB71CE79A196E18654083921
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4B0BB1D3295F505271E4311A32AE0F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A607377ACF21242785F13E79DAE058CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

not pr0n

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

52
Requests

98 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

717 kB
Transfer

1425 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 40

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxhyi9HzOZY-UFNfp7OsP0fO5uAbeob6ZdfrT04CtEgoQASCGyeYVYPWVzoHgBKAB7LPywAHIAQKoAwHIA8kEqgTZAU_QaN3MmyuAHP6_xbfyjhYNkqnoCcqdI955T1hleAiqC66YGDiVgl9gvk6eDL1PEiifPTwO0xb7Kkoufpw4L6gKFD1kIKxYjFQjII780DEnyDbFZUrWGZhcwfwTd0Fc0K6eYQRHigTDIvweI0Fxq-AsQIlqTw_D40gQNXlaU5QKMSIQd3IRbSXxIxpg1fhAfgrW9ppMRs4FL6WGDdgZSLS3Tn_TWFWggTj_w7qYVGETHcSVyZPDEt_Hyy5laJ_yeW-NUZ_sejZ0WnX874xeTnk2nL3-up-NA0zABPitzu3TBIgF3-ixgUWSBQQIBBgBkgUECAUYBKAGAoAH_MuNvwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCs-AbSCCQIgGEQARgfMgKKAjoJgECAwICAgKAISL39wTpYmdCUkaCuhAOaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAdoMEQoLEMCmysa35vHc_AESAgED2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM4NTE5ODIxMjY4NjAxNjgYAA&sigh=E0BxBBsfTVk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_Bj5D907aES4v_8t2LU_gwH2qxKM48GbP1pWgr6JExN4BAOcO2jeb4auzI8qIYeG5kSmt2r88ACCVoMzpmosew0cWwa43dJf4ZBgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x30c007eb7603aae0000000000000000%22,%222%22:%220xdfb29fe52afc38980000000000000000%22,%223%22:%220x2349c4f7398b115a0000000000000000%22,%224%22:%220xa53f6a11aac68b360000000000000000%22,%225%22:%220xd8b052f9833e0310000000000000000%22},%22debug_key%22:%2216199693223611868317%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2202-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215545069373084343585%22}&andc=true

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request notpron.htm Show response
deathball.net/notpron/ 416 B
509 B 132ms
36ms Document
text/html 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 66d8c00683e128e2f2241c3bf90675f7ac2ea07b59f2c8af9b2a05cd0d1ff380

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3600, public
content-encoding: gzip
content-length: 275
content-type: text/html
date: Thu, 15 Feb 2024 21:06:59 GMT
etag: "1a0-607c794b8cae0-gzip"
last-modified: Sun, 15 Oct 2023 21:00:35 GMT
server: nginx
vary: Accept-Encoding
x-accel-version: 0.01
x-robots-tag: noindex

GET
H2 200 menu.htm Show response
deathball.net/notpron/ Frame F0A1 4 KB
1 KB 37ms
37ms Document
text/html 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://deathball.net/notpron/menu.htm
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: d4c98d273afd648e1f710da26376e0d7ceb4245caf66914261d4aeb6a4347766

Request headers

Referer: https://deathball.net/notpron/notpron.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=3600, public
content-encoding: br
content-type: text/html
date: Thu, 15 Feb 2024 21:06:59 GMT
etag: W/"652c52f3-1174"
last-modified: Sun, 15 Oct 2023 21:00:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 start.htm Show response
deathball.net/notpron/ Frame AC8E 1 KB
705 B 37ms
37ms Document
text/html 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: https://deathball.net/notpron/start.htm
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 939d501e9e0fa27d2e54f382cb05ac9f9bba1e5e97d8aa3f92e38672c82f1f9a

Request headers

Referer: https://deathball.net/notpron/notpron.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=3600, public
content-encoding: br
content-type: text/html
date: Thu, 15 Feb 2024 21:06:59 GMT
etag: W/"652c52f3-547"
last-modified: Sun, 15 Oct 2023 21:00:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 2aa.gif
deathball.net/notpron/gfx/ Frame F0A1 11 KB
11 KB 69ms
69ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2aa.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: b9d03f293e4510707411bfc37abd6e6feb875a97d2f5acea18e65bfbd7b4586b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-2bd7"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 11223

GET
H2 200 not1.gif
deathball.net/notpron/gfx/ Frame F0A1 4 KB
4 KB 37ms
37ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/not1.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 64428d416d966d65923bd3fc07fa1a3d275f51c49ade382dc609e04d07f950c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:28 GMT
server: nginx
etag: "4a720794-109d"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 4253

GET
H2 200 pron1.gif
deathball.net/notpron/gfx/ Frame F0A1 5 KB
5 KB 93ms
92ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/pron1.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 6fc332ba90da87be13accd5be282b32081bf3a55d662254de0c43969c85032d9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:28 GMT
server: nginx
etag: "4a720794-14e2"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 5346

GET
H2 200 2c.gif
deathball.net/notpron/gfx/ Frame F0A1 15 KB
15 KB 93ms
92ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2c.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 936a882f01649d3ec0d2d5af5bd95fc0645bfbdd2a4403cd0045143674c354ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-3b51"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 15185

GET
H2 200 2d.gif
deathball.net/notpron/gfx/ Frame F0A1 15 KB
15 KB 123ms
122ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2d.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: eba8f6f5083919c45a0f31643984e72da78a8cae3d10ac5241c3b92d749c30c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-3ab4"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 15028

GET
H2 200 2e.gif
deathball.net/notpron/gfx/ Frame F0A1 14 KB
14 KB 124ms
123ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2e.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 60db3be456b81756307fbf577abc735fd0caf5ec655568a81f41994c53cb4fc5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-360e"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13838

GET
H2 200 donate1.gif
deathball.net/notpron/gfx/ Frame F0A1 3 KB
3 KB 124ms
123ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/donate1.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: dfee336e9b7f8af42d0298c7314b07e049c74a06a6391184e324c325d4dac64d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:23 GMT
server: nginx
etag: "4a72078f-d2e"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 3374

GET
H2 200 2f.gif
deathball.net/notpron/gfx/ Frame F0A1 10 KB
11 KB 124ms
124ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2f.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: e074f1288abacf2dfcd434af09fa079d162f200b3a10b0689d2cd4d50d44529e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-29d0"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 10704

GET
H2 200 2g.gif
deathball.net/notpron/gfx/ Frame F0A1 11 KB
11 KB 124ms
123ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2g.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 61417582a6f1d19f170160350cdd324801c2392844b8b58409a41e6d1962c5a7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-2c15"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 11285

GET
H2 200 2h.gif
deathball.net/notpron/gfx/ Frame F0A1 12 KB
12 KB 124ms
124ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2h.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: f84ae32fefefcc2ae2a56a9905f040e8e2b6964c2630ba86957763482c641e64

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-3106"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 12550

GET
H2 200 2i.gif
deathball.net/notpron/gfx/ Frame F0A1 14 KB
14 KB 124ms
124ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2i.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: b9b3b3fe57bcd3af6a30edf78b06ffc2c5a6a3c4c54da126eaeb24c81e5daa5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-360e"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13838

GET
H2 200 2j.gif
deathball.net/notpron/gfx/ Frame F0A1 14 KB
14 KB 124ms
124ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/2j.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/menu.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 17d9c47eb0490da4848cb5970191caf73fa24c9aa88cf4e54734163274022071

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-363b"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13883

GET
H2 200 silv.jpg
deathball.net/notpron/gfx/ Frame AC8E 60 KB
60 KB 70ms
69ms Image
image/jpeg 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/silv.jpg
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/start.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 282499933eb741a8faa28ab8d1e0d3b99d4e447b1752c5992a474328583a4e5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/start.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:30 GMT
server: nginx
etag: "4a720796-f0ce"
content-type: image/jpeg
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 61646

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AC8E 146 KB
50 KB 124ms
71ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: deathball.net
URL: https://deathball.net/notpron/start.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b3d81c284bdfe5b6eecb2045358260b1d2f7bf983c8787da91c178912aff59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51090
x-xss-protection: 0
server: cafe
etag: 1208538115828724229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 15 Feb 2024 21:06:59 GMT

GET
H2 200 1d.gif
deathball.net/notpron/gfx/ Frame F0A1 13 KB
13 KB 38ms
37ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1d.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 07a8f1aedc7d825b29185eb07aa260833d33ee1a8b4b1b6bcb17c6ad38c92229

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-34f1"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13553

GET
H2 200 1aa.gif
deathball.net/notpron/gfx/ Frame F0A1 10 KB
10 KB 39ms
38ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1aa.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: d8cfd962bc12bcbad1467e02b8d468b16fe7ae6157ed767083932f467b6a0f9b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-28f8"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 10488

GET
H2 200 not2.gif
deathball.net/notpron/gfx/ Frame F0A1 3 KB
3 KB 40ms
39ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/not2.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: b5cce6325cf001ec05ed9a06e04bb9232309ec2fddae5d2f2f521f997312e7c2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:27 GMT
server: nginx
etag: "4a720793-d08"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 3336

GET
H2 200 1e.gif
deathball.net/notpron/gfx/ Frame F0A1 13 KB
13 KB 40ms
40ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1e.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 305417edaaf25938dc04fffa144df10ff4accac4ab167fc1942bad1055c24c6b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-3252"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 12882

GET
H2 200 1j.gif
deathball.net/notpron/gfx/ Frame F0A1 13 KB
13 KB 42ms
41ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1j.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 3c21abe95ca4e1deb4b426cdbb7cb98ef4d6246f01d3baec7d0c5f862410d87f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:21 GMT
server: nginx
etag: "4a72078d-352b"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13611

GET
H2 200 1i.gif
deathball.net/notpron/gfx/ Frame F0A1 13 KB
13 KB 41ms
41ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1i.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 1e619e89f3c5d82c4361765803c7d95aff9c9bd4df1983155dae4d9f2bd2df04

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-338a"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 13194

GET
H2 200 1c.gif
deathball.net/notpron/gfx/ Frame F0A1 14 KB
14 KB 43ms
42ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1c.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 523d424cff0dad92a9697d17a0ef020b907ff5c7582005ec60202153707122dd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-373e"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 14142

GET
H2 200 1h.gif
deathball.net/notpron/gfx/ Frame F0A1 12 KB
12 KB 44ms
43ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1h.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: ca3660f2dc238e99b9005a8e91af09c505acfa22afb95e6f472cc347294fb9d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-2ebf"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 11967

GET
H2 200 pron2.gif
deathball.net/notpron/gfx/ Frame F0A1 4 KB
4 KB 43ms
43ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/pron2.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: a6ffe46bdc614d7792aee1ff4a675b775c64403a2ca8b1968e9a4d7fdd3d940f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:29 GMT
server: nginx
etag: "4a720795-10e8"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 4328

GET
H2 200 1g.gif
deathball.net/notpron/gfx/ Frame F0A1 10 KB
10 KB 45ms
44ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1g.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 015d780a92e46d4bfe674b95feecd2d47f58f95d300b338cfc25827517cf095a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-284c"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 10316

GET
H2 200 1f.gif
deathball.net/notpron/gfx/ Frame F0A1 10 KB
10 KB 45ms
45ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/1f.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 07c0ad774fd682b82ee63b514e1165f402f3fe832fc4e9ad7523b9b17ee118e7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:20 GMT
server: nginx
etag: "4a72078c-27ad"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 10157

GET
H2 200 donate2.gif
deathball.net/notpron/gfx/ Frame F0A1 3 KB
3 KB 46ms
46ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deathball.net/notpron/gfx/donate2.gif
Requested by: Host: deathball.net
URL: https://deathball.net/notpron/notpron.htm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: bb5e6623d97e1f8a9d349d96ef82b7970f2c91293f3850a3a17c1f5900215348

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/notpron/menu.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:06:59 GMT
last-modified: Thu, 30 Jul 2009 20:50:23 GMT
server: nginx
etag: "4a72078f-d15"
content-type: image/gif
cache-control: max-age=3600, public
accept-ranges: bytes
content-length: 3349

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ Frame AC8E 406 KB
138 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2fe7ff2614949f65d7ce6aaab175df7deef92ad191a96acf38b246ed0f9afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:07:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140982
x-xss-protection: 0
server: cafe
etag: 12649071991677999010
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:07:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/ Frame 4CB0 9 KB
5 KB 81ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240213/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deathball.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 75023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 00:16:37 GMT
etag: 3890843268177463596
expires: Thu, 29 Feb 2024 00:16:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CA1 114 KB
41 KB 1102ms
1101ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=2365266410&adf=1507960139&pi=t.ma~as.1616044294&w=1200&fwrn=3&lmt=1697403635&rafmt=11&format=1200x200&url=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fstart.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708031219999&bpp=5&bdt=170&idt=168&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&correlator=7461468609034&frm=21&ife=1&pv=2&ga_vid=1245967325.1708031220&ga_sid=1708031220&ga_hid=454186621&ga_fc=0&nhd=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=862&biw=1600&bih=1200&isw=1600&ish=900&ifk=4019781112&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95324581%2C95325069%2C31081134%2C95320376%2C95320868%2C95324155%2C95324161&oid=2&pvsid=4178544822168738&tmod=1165254812&uas=0&nvt=1&top=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fnotpron.htm&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.cwshwys1zysd&fsb=1&dtd=176

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a992efd2f7bf114b99fc86c3912269f4ca3fad826bde67e6ad8b98a9d3b6250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deathball.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41829
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:07:01 GMT
expires: Thu, 15 Feb 2024 21:07:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 7228287740632626009
tpc.googlesyndication.com/simgad/ Frame 0CA1 17 KB
17 KB 188ms
49ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7228287740632626009?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnKBYenLYDdvzju0jOc0nNzNPiPIw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=2365266410&adf=1507960139&pi=t.ma~as.1616044294&w=1200&fwrn=3&lmt=1697403635&rafmt=11&format=1200x200&url=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fstart.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708031219999&bpp=5&bdt=170&idt=168&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&correlator=7461468609034&frm=21&ife=1&pv=2&ga_vid=1245967325.1708031220&ga_sid=1708031220&ga_hid=454186621&ga_fc=0&nhd=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=862&biw=1600&bih=1200&isw=1600&ish=900&ifk=4019781112&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95324581%2C95325069%2C31081134%2C95320376%2C95320868%2C95324155%2C95324161&oid=2&pvsid=4178544822168738&tmod=1165254812&uas=0&nvt=1&top=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fnotpron.htm&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.cwshwys1zysd&fsb=1&dtd=176

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a644400369efa9b1296148f9f1b60fba142078e498a1a528e603d38daa9faf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:00:13 GMT
x-content-type-options: nosniff
age: 216408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17166
x-xss-protection: 0
last-modified: Thu, 15 Jul 2021 12:38:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Feb 2025 09:00:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/ Frame 0CA1 23 KB
9 KB 163ms
26ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 20:40:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 70A4 143 B
166 B 23ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=2365266410&adf=1507960139&pi=t.ma~as.1616044294&w=1200&fwrn=3&lmt=1697403635&rafmt=11&format=1200x200&url=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fstart.htm&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708031219999&bpp=5&bdt=170&idt=168&shv=r20240213&mjsv=m202402080301&ptt=9&saldr=aa&correlator=7461468609034&frm=21&ife=1&pv=2&ga_vid=1245967325.1708031220&ga_sid=1708031220&ga_hid=454186621&ga_fc=0&nhd=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=862&biw=1600&bih=1200&isw=1600&ish=900&ifk=4019781112&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95324581%2C95325069%2C31081134%2C95320376%2C95320868%2C95324155%2C95324161&oid=2&pvsid=4178544822168738&tmod=1165254812&uas=0&nvt=1&top=https%3A%2F%2Fdeathball.net%2Fnotpron%2Fnotpron.htm&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C900&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=132&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.cwshwys1zysd&fsb=1&dtd=176
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 1707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:38:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 0CA1 3 KB
1 KB 167ms
30ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 20:40:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 0CA1 20 KB
8 KB 160ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:55:41 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0CA1 204 KB
61 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 20:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62867
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 21:59:31 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/ Frame 0CA1 36 KB
14 KB 160ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240213/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15079
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14610
x-xss-protection: 0
server: cafe
etag: 17234995959194474601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:55:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 70A4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:07:01 GMT
expires: Thu, 15 Feb 2024 21:07:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:07:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0CA1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60e8bd42fbeb7c16b61465a3ca5bdd9296ae0e714c119f76eacaba0bb743721

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0CA1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxhyi9HzOZY-UFNfp7OsP0fO5uAbeob6ZdfrT04CtEgoQASCGyeYVYPWVzoHgBKAB7LPywAHIAQKoAwHIA8kEqgTZAU_QaN3MmyuAHP6_xbfyjhYNkqnoCcqdI955T1hleAiqC66YGDiVgl9...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x30c007eb7603aae0000000000000000%22,%222%22:%220xdfb29fe52afc38980000000000000000%22,%223%22:%220x2349c4f...

0
0

102ms
54ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x30c007eb7603aae0000000000000000%22,%222%22:%220xdfb29fe52afc38980000000000000000%22,%223%22:%220x2349c4f7398b115a0000000000000000%22,%224%22:%220xa53f6a11aac68b360000000000000000%22,%225%22:%220xd8b052f9833e0310000000000000000%22},%22debug_key%22:%2216199693223611868317%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2202-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215545069373084343585%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:07:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x30c007eb7603aae0000000000000000","2":"0xdfb29fe52afc38980000000000000000","3":"0x2349c4f7398b115a0000000000000000","4":"0xa53f6a11aac68b360000000000000000","5":"0xd8b052f9833e0310000000000000000"},"debug_key":"16199693223611868317","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["02-15"],"6":["true"]},"priority":"500","source_event_id":"15545069373084343585"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Feb 2024 21:07:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Feb 2024 21:07:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x30c007eb7603aae0000000000000000","2":"0xdfb29fe52afc38980000000000000000","3":"0x2349c4f7398b115a0000000000000000","4":"0xa53f6a11aac68b360000000000000000","5":"0xd8b052f9833e0310000000000000000"},"debug_key":"16199693223611868317","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["02-15"],"6":["true"]},"priority":"500","source_event_id":"15545069373084343585"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AC8E 16 KB
12 KB 118ms
69ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240213&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bc43867108c772dd33e047070689d1e3273a8f1a8d1bff5d7f173969fee0e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12322
x-xss-protection: 0

GET
H3 200 -nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DB5 50 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-nfEL6nT6hMAPyjdoOzOb1jP1Zjk2lcitOv7Rt98uqU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:34:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19793
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 17:34:54 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 126ms
55ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 15 Feb 2024 21:07:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AC8E 17 KB
7 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_fy2021.js?bust=31081134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:07:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 21:07:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4B0 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deathball.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:40:29 GMT
expires: Fri, 14 Feb 2025 20:40:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A607 829 B
998 B 35ms
35ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d8318641d15c7fc883946bbd7b4d297449f9fb9dcfab5e644d172352fafa3781

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-g9L-shCzAWWnwAzvxMkdkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deathball.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-g9L-shCzAWWnwAzvxMkdkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 21:07:01 GMT
expires: Thu, 15 Feb 2024 21:07:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame D4B0 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:04:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A607 0
0 54ms
54ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240213&jk=4178544822168738&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D4B0 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sHBjFA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:07:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC8E 0
0 56ms
56ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240213&jk=4178544822168738&bg=!0dKl0p3NAAZN4L4YbeA7ADQBe5WfOKr6EDPiYJVsgz-D_ktXQGtrHiRgmwdFgr0kQcn91xYJKPHyQDkdCzMwlYknCG33AgAAACtSAAAAAmgBB5kC2qsVvYoaSZOMMkUxeNUyW6PUdAT8MlQc9RFW0n1W7FjrVKldat6R6U5LX6kJNT95N_VZtz1Qbz0iBTGu9zeC9laohelaNYowrdAcFli6w0KJEKBIl1P8puTMQmcguIjIKA5-Gwdx3S6nSODljVHbNCd60bUWJuzqPWjD3i3hosPo3NG8NII5UPW1aWUi2pc_qQ_SJ_RIP5Qs2NScEZcigFD7fXUU9ckIp3_If3b83iRhSDu5dmw1AzzFAQT2ciCkW4YHTOwht5ZhDXXMlSTG2IJ0rlo72Z1X7R2__7dK8hQSqUrTc01sElxO3TCua5evF6tKpgnRSYzTyFfjHQk2p7JZab5pz2tPTW8ZD7BHidGqwZTF4BfwOTwcySNoWc6kxBXpp8iymk9s2fXTQ0JcoAVTlBalcSuEHIY5dupAmWV3_xtjHO3lo1fBseXxi31Rid02JvT1mFb9xEb7EORqglF5UWZfUZH9v4p-DZmQ01JNiQwrEynvxgCJa-kK2BOXViWseqGiYtI0uJ_owBL7xTqZqdMjieiAaAqcd_PbTRT_skwBznIysTgiK5e38ShMvf-itDqATCyiefxVXdiuj0a4ZG6MxTHr4qdt_oTwjOpIpvAq2rYX2Mc3XaUVzlAxt-LQgSul1owKAO5nMPm1xtI7ZeN5CztI1V6a0ibGo3GbGXGFvDRKvT-kGIzVDS1SC8_hIe82VxNW1lATWjy3RTaReKLHufP0fdNxNMGiP_-YpsCKtp4gcOtZwqOptU9si38RzAHHxElPTfVOCoBXWNS8wJqOyE8U2fkQ4lLfI3Izj0ClfLdYYeM6j8IT91cuxUv6B0qEfNBSbCs78IetRJq4Myb6CTpfxGJhxQJ8wfAUhRaTMBzwdrGHHwqqSZox1NPJCWtVP3zej9gdg0JP_6G6gwu8zHaioLuApiUzQ5e_0EmeFF3g22_EGu30idBozoGYwWqQJiHvADA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://deathball.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CA1 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusfnBUommvJsp__ojpUlIeOehGx1lBDTAQtw7qeMIWn5qOnIWfNyjTpbclfK-0c_NAiWFcViSug4at_3fF3MKgy2euIhvGXCG-RFVnEwcBA7l5giQvDpffcstqUZjD-EGWPBoggo5mvTJaBmcLD-gU3fhq-6eGEQI&sai=AMfl-YSajstMHXG1oto5wVQa3mcBF8dcWpa2AJbLU2rtgFYNE5b_s65OphTZf_M8CmcSYx-uZgRgd9l5R0s1Tpctha3N79xEXmQDr9snrbqsNqi6B5CsugkAkcgIt92WdfdEq5Aue2LSqO57_WII8wNw&sig=Cg0ArKJSzKWMQNJ9NUeFEAE&cid=CAQSTgAvHhf_Bj5D907aES4v_8t2LU_gwH2qxKM48GbP1pWgr6JExN4BAOcO2jeb4auzI8qIYeG5kSmt2r88ACCVoMzpmosew0cWwa43dJf4ZBgB&id=lidar2&mcvt=1000&p=0,98,124,1103&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2365266410&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=396402100&rst=1708031220176&rpt=1316&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Feb 2024 21:07:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deathball.net/	1970-01-21 03:48:47	Name: __gads Value: ID=082c29d93f63da0e:T=1708031220:RT=1708031220:S=ALNI_MY8-Ggwi0YFMDb9kHZKpdMMrVbLbg
.deathball.net/	1970-01-21 03:48:47	Name: __gpi Value: UID=00000d592a9c31dd:T=1708031220:RT=1708031220:S=ALNI_MZfqswcpEtVIw8HKwIzdMPw7KLAwQ
.deathball.net/	1970-01-20 22:46:23	Name: __eoi Value: ID=8b8d1ef87d14db19:T=1708031220:RT=1708031220:S=AA-Afjblen5JNWU43iszcb49FuUL
.doubleclick.net/	1970-01-20 18:27:14	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 04:03:11	Name: IDE Value: AHWqTUkMPrV8MmHbnpE7ScU7UqkvzmOOUbOGeXx1Tqli-ZyMKfU_maLZwGbT4dWuVhg
.googleadservices.com/	1970-01-20 20:36:47	Name: ar_debug Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deathball.net/notpron/notpron.htm Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

deathball.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
142.250.181.226
2a00:1450:4001:80b::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:831::2002
91.203.110.219
015d780a92e46d4bfe674b95feecd2d47f58f95d300b338cfc25827517cf095a
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
07a8f1aedc7d825b29185eb07aa260833d33ee1a8b4b1b6bcb17c6ad38c92229
07c0ad774fd682b82ee63b514e1165f402f3fe832fc4e9ad7523b9b17ee118e7
0a992efd2f7bf114b99fc86c3912269f4ca3fad826bde67e6ad8b98a9d3b6250
0bc43867108c772dd33e047070689d1e3273a8f1a8d1bff5d7f173969fee0e0d
17d9c47eb0490da4848cb5970191caf73fa24c9aa88cf4e54734163274022071
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1e619e89f3c5d82c4361765803c7d95aff9c9bd4df1983155dae4d9f2bd2df04
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
282499933eb741a8faa28ab8d1e0d3b99d4e447b1752c5992a474328583a4e5c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
305417edaaf25938dc04fffa144df10ff4accac4ab167fc1942bad1055c24c6b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c21abe95ca4e1deb4b426cdbb7cb98ef4d6246f01d3baec7d0c5f862410d87f
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
523d424cff0dad92a9697d17a0ef020b907ff5c7582005ec60202153707122dd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b3d81c284bdfe5b6eecb2045358260b1d2f7bf983c8787da91c178912aff59e
60db3be456b81756307fbf577abc735fd0caf5ec655568a81f41994c53cb4fc5
61417582a6f1d19f170160350cdd324801c2392844b8b58409a41e6d1962c5a7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64428d416d966d65923bd3fc07fa1a3d275f51c49ade382dc609e04d07f950c1
66d8c00683e128e2f2241c3bf90675f7ac2ea07b59f2c8af9b2a05cd0d1ff380
6a644400369efa9b1296148f9f1b60fba142078e498a1a528e603d38daa9faf9
6fc332ba90da87be13accd5be282b32081bf3a55d662254de0c43969c85032d9
936a882f01649d3ec0d2d5af5bd95fc0645bfbdd2a4403cd0045143674c354ba
939d501e9e0fa27d2e54f382cb05ac9f9bba1e5e97d8aa3f92e38672c82f1f9a
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a60e8bd42fbeb7c16b61465a3ca5bdd9296ae0e714c119f76eacaba0bb743721
a6ffe46bdc614d7792aee1ff4a675b775c64403a2ca8b1968e9a4d7fdd3d940f
b5cce6325cf001ec05ed9a06e04bb9232309ec2fddae5d2f2f521f997312e7c2
b9b3b3fe57bcd3af6a30edf78b06ffc2c5a6a3c4c54da126eaeb24c81e5daa5b
b9d03f293e4510707411bfc37abd6e6feb875a97d2f5acea18e65bfbd7b4586b
bb5e6623d97e1f8a9d349d96ef82b7970f2c91293f3850a3a17c1f5900215348
c2fe7ff2614949f65d7ce6aaab175df7deef92ad191a96acf38b246ed0f9afc6
ca3660f2dc238e99b9005a8e91af09c505acfa22afb95e6f472cc347294fb9d7
d4c98d273afd648e1f710da26376e0d7ceb4245caf66914261d4aeb6a4347766
d8318641d15c7fc883946bbd7b4d297449f9fb9dcfab5e644d172352fafa3781
d8cfd962bc12bcbad1467e02b8d468b16fe7ae6157ed767083932f467b6a0f9b
dfee336e9b7f8af42d0298c7314b07e049c74a06a6391184e324c325d4dac64d
e074f1288abacf2dfcd434af09fa079d162f200b3a10b0689d2cd4d50d44529e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba8f6f5083919c45a0f31643984e72da78a8cae3d10ac5241c3b92d749c30c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f84ae32fefefcc2ae2a56a9905f040e8e2b6964c2630ba86957763482c641e64
fa77c42fa9d3ea13003f28dda0ecce6f58cfd598e4da5722b4ebfb46df7cbaa5

deathball.net Open in urlscan Pro 91.203.110.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

98 %HTTPS

67 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

717 kBTransfer

1425 kBSize

6 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

deathball.net Open in urlscan Pro
91.203.110.219 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

717 kB
Transfer

1425 kB
Size

6
Cookies

52 HTTP transactions
1 data transactions